AI risk does not wait for annual audits. A light, recurring forum keeps workflows aligned with policy as tools and models change.
Suggested cadence
| Team size | Frequency | Duration |
|---|---|---|
| Pilot stage | Biweekly | 45 min |
| Multiple live workflows | Monthly | 60 min |
| Regulated industry | Monthly + quarterly deep dive | 90 min |
Standing agenda
- New or changed workflows since last meeting (scope, data, owners).
- Eval regressions or incident summaries.
- Open items from legal / security.
- Approvals: promote, pause, or retire workflows.
- Actions with owners and due dates.
Attendees
Executive sponsor (optional monthly), process owners for live workflows, IT representative, legal/compliance as needed, ops lead for metrics.
Outputs
- Updated risk register (workflow × risk × mitigation).
- Decision log linked to audit trails.
- Changes to context packs or boundaries—not slide decks only.