Quarterly AI Program Review Agenda
This agenda supports a standing quarterly meeting for cross-functional AI program review. The meeting is operational, not strategic — it reviews what happened, confirms the program is on track, and surfaces issues that need decisions. Reserve strategic discussion for a separate forum. Target duration: 90 minutes. Adjust sections and timing based on program maturity.Meeting name: [Company] Quarterly AI Program Review — [Q and Year] Date / time: [Date, Time, Time zone] Location: [Room / video call link] Chair: [AI Program Lead / CISO / CTO] Notetaker: [Name] Distribution list for minutes: [List or group email]
Standing Attendees
| Role | Name | Required / Optional |
|------|------|---------------------|
| AI Program Lead | [Name] | Required |
| CISO / Security Lead | [Name] | Required |
| Legal / Privacy | [Name] | Required |
| IT / Infrastructure | [Name] | Required |
| HR / People | [Name] | Optional |
| Procurement | [Name] | Optional |
| Department AI Champions (if programme active) | [Names] | Optional |
| Executive Sponsor | [Name] | Optional — required for Elevated/High risk quarter |
Pre-Meeting Requirements
The following must be prepared and distributed to attendees at least [3] business days before the meeting:
- [ ] AI Tool Inventory updated and sent by [IT / Security]
- [ ] Incident log for the quarter prepared by [Security]
- [ ] Vendor contract calendar reviewed; renewals in the next 90 days flagged by [Procurement]
- [ ] Training completion data pulled by [HR / L&D]
- [ ] Draft KPI scorecard prepared by [AI Program Lead]
- [ ] Any regulatory updates relevant to AI compiled by [Legal]
Agenda
Item 1 — Previous Quarter Actions Review (10 minutes)
Review the action items from the prior quarter's minutes.
- For each action: confirm status (Closed / In progress / At risk / Cancelled).
- For any overdue or at-risk action: identify the blocker and reassign or close.
- Confirm no action item carries over more than two consecutive quarters without escalation.
Item 2 — AI Tool Inventory Update (15 minutes)
Review changes to the AI tool inventory since the last meeting.
- Tools added since last quarter: [N]. Walk through any that carry elevated risk.
- Tools retired since last quarter: [N]. Confirm data deletion is documented.
- Tools on probation or under enhanced review: [N]. Status update for each.
- Inventory accuracy: confirm when the last full audit was completed. Flag if overdue.
- Shadow AI: any newly discovered tools not in the inventory? How were they discovered? What is the remediation plan?
Item 3 — Incident Review (15 minutes)
Review AI-related incidents and near-misses for the quarter.
- Total incidents by severity: Critical [N], High [N], Medium [N], Low [N].
- For each Critical or High incident: brief summary, root cause, remediation status, and any open action items.
- Trend analysis: is incident volume increasing, stable, or decreasing? What is driving the trend?
- Near-misses or leading indicators: anything detected through DLP, audit logs, or voluntary reporting that did not escalate to a formal incident but warrants attention.
Item 4 — Vendor Portfolio Review (15 minutes)
Review the status of approved AI vendors.
- Contracts renewing in the next 90 days: [list vendors, dates, and renewal owner].
- Vendors with significant news, incidents, or risk rating changes since last quarter.
- Vendor evaluations completed this quarter: [N]. Outcomes.
- Vendor evaluations overdue (not reviewed in >12 months): [N vendors]. Prioritisation.
- Any vendor relationships proposed for termination: rationale and transition plan.
Item 5 — Training and Awareness (10 minutes)
Review the status of AI training across the organisation.
- Completion rate for mandatory AI training: [X]% (target: [X]%).
- Departments below target: [list]. Remediation owner and deadline.
- New hire completion within required window: [X]% on track.
- Training content updates needed based on policy changes or incidents this quarter.
- Any training delivered to specific teams or for new tools: summary and outcomes.
Item 6 — Regulatory and Policy Update (10 minutes)
Brief review of regulatory changes and policy status.
- Material regulatory developments since last quarter affecting [Company]'s AI use (e.g. EU AI Act implementation milestones, new state laws, sector-specific guidance).
- Policy review status: [which policies are overdue for review, which were updated this quarter].
- Compliance gap assessment: any known gaps between current practice and regulatory requirements. Owner and timeline for closure.
Item 7 — KPI Scorecard (10 minutes)
Review program-level KPIs against targets.
Review the pre-circulated KPI scorecard. Discussion focuses on metrics off-target; do not spend time confirming metrics already on track.
For each off-target KPI:
- Root cause (one sentence)
- Owner and corrective action
- Revised target date
Item 8 — Decisions Required (10 minutes)
Surface any items that require a decision from this group.
This section is prepared by the AI Program Lead in advance. Each decision item should include:
- Decision to be made
- Options with a brief assessment of each
- Recommendation (if any)
- Required by (date — to avoid blocking downstream work)
Item 9 — Next Quarter Preview and Action Assignment (5 minutes)
- Preview of planned activities next quarter: tool evaluations, policy reviews, training rollouts, regulatory deadlines.
- Confirm action items arising from this meeting: owner, action, due date for each.
- Confirm date and chair for next quarterly review.
Minutes Template
Minutes should be distributed within [3] business days of the meeting and include:
- Attendance (present / absent / apologies)
- Summary of each agenda item (not a transcript)
- Decisions made (numbered list)
- Action items: owner, action description, due date
- Items deferred and the reason
Agenda template version: [Date]. Next scheduled review: [Date].