Public sample — illustrative content only
Example Institution · Board Risk Committee
Noetfield Trust Ledger — Sample Board Report
One human-readable record of material AI systems, changes, controls, incidents, and board actions for
Q1 2026.
This sample demonstrates structure and governance language. Metrics, identifiers, and dates are illustrative.
Do not treat as operational advice. For a tailored version, start with Trust Brief.
1. Executive Summary
Top-level signals for the Board
Headlines
- S-01 (credit decision assistant) remains stable; no material deterioration after last-quarter parameter changes.
- S-03 (AI vendor screening) is ready for controlled production launch, subject to Board conditions in Section 7.
- One medium-severity near miss (I-01) was caught by human review; guardrails and reviewer training strengthened.
Board decisions requested
- Approve deployment of S-03 to production with specified safeguards and monitoring thresholds.
- Confirm decommissioning of legacy classifier S-07 and retention of logs per governance policy.
See Section 7 for items, recommended decisions, and deadlines.
2. AI System Inventory Snapshot
Material AI systems in scope this period
| ID | System / Use Case | Business Owner | Model / Provider | Infra | Data Sensitivity | Risk Tier | Status |
|---|---|---|---|---|---|---|---|
| S-01 | Credit decision assistant — retail limits | CRO | Internal model, supported by frontier API | GPU-backed cloud | High | Tier 2 | Production |
| S-02 | Customer support triage — inbound messages | COO | Hosted LLM with internal guardrails | Cloud CPU | Medium | Tier 3 | Pilot |
| S-03 | Vendor risk screening — high-risk vendors | CRO | Composite model (internal + third-party) | GPU-backed cloud | Medium | Tier 2 | Pre-production |
Inventory includes systems classified as “material” under internal governance standard
AIG-01 for Q1 2026 (illustrative).
3. Significant Changes This Period
New, changed, and decommissioned systems
| Change Type | System ID | Description of Change | Rationale | Governance Actions | Effective Date |
|---|---|---|---|---|---|
| New | S-03 | Introduction of AI-based vendor screening for high-risk vendors. | Reduce manual review time, increase consistency, improve coverage. | Reviewed by AI Governance Committee; recommended for Board approval with monitoring conditions. | 2026-01-15 |
| Parameter change | S-01 | Max auto-approved credit limit increase adjusted from +10% to +15% for low-risk customers. | Align limits with peer practice; support growth while staying within risk appetite. | Impact analysis to Risk Committee; endorsed subject to weekly drift + delinquency monitoring. | 2026-01-28 |
| Decommissioned | S-07 | Legacy NLP classifier for complaints routing decommissioned. | Consolidated into S-02 with stronger monitoring and vendor support. | Decommission plan approved; logs archived for 7 years per retention standard AIG-02. |
2026-02-03 |
4. Incidents, Exceptions, and Near Misses
Material AI-related events during the period
| Ref | Date | System ID | Severity | Description | Root Cause | Actions Taken | Status |
|---|---|---|---|---|---|---|---|
| I-01 | 2026-01-07 | S-01 | Medium | Model suggested a credit-term adjustment that would have breached affordability guidance; caught by human review pre-customer impact. | Prompt/config constraint gap; missing explicit affordability constraint. | Updated prompts/config; added explicit affordability guardrail; delivered targeted reviewer training; incident template added to playbook. | Closed |
Regulatory reporting (illustrative): No events met the threshold for external notification this period.
I-01 is logged as a board-visible near miss.
5. Controls & Testing
Key controls and their effectiveness
Mapped to: internal governance standard
AIG-01 and sector guidance (illustrative)| Control ID | Control Description | Systems in Scope | Owner | Testing Frequency | Last Test Date | Result |
|---|---|---|---|---|---|---|
| C-01 | Human-in-the-loop review for all high-impact AI credit decisions. | S-01 | Risk | Each batch | 2026-02-20 | Effective — no unreviewed high-impact decisions identified. |
| C-02 | Pre-deployment configuration and prompt review for Tier 1–2 systems. | S-01, S-03 | AI Governance | Per deployment | 2026-02-05 | Minor findings — additional documentation required; addressed within the period. |
| C-03 | Quarterly model performance and drift review with challenge from Risk. | S-01 | Model Risk | Quarterly | 2026-02-12 | Effective — within tolerance; no recalibration required. |
Control gaps identified: documentation for C-02 tightened; plan to extend quarterly drift review (C-03) to S-03 after go-live.
6. Provider & Infrastructure View
How external AI providers and infrastructure are used
Frontier / hosted AI services
- Total API calls: 1.8M (vs prior quarter: +12%)
- High-risk use cases: 2 (S-01, S-03)
- Incidents: 1 (see I-01)
Providers used with contractual safeguards, internal guardrails, and pre-deployment reviews (illustrative).
Contracts include data-use and audit clauses aligned with
AIG-03.
GPU-backed workloads
- GPU hours: 420 (vs prior quarter: +8%)
- New models deployed: 1 (S-03)
- Governance reviews: 3 (pre go-live)
Workloads run in restricted cloud with network, identity, and logging controls aligned to the institution’s security policies (illustrative).
Executive access & device posture. Access to AI systems and Trust Ledger content is restricted to managed devices with strong authentication and central logging. Exceptions require explicit approval and time-bound controls (illustrative).
7. Board Actions & Approvals
Decisions requested from the Board
| Item | Description | Request | Recommended Decision | Deadline |
|---|---|---|---|---|
| BA-01 | Approve deployment of S-03 (AI vendor screening) into production with monitoring thresholds and human-review steps (see Sections 3 and 5). | Approve / Amend / Reject | Approve with conditions — quarterly review of false-positive/false-negative rates; explicit escalation trigger if thresholds breached. | 2026-03-10 |
| BA-02 | Confirm decommissioning of S-07 and long-term archival of logs and documentation for audit/supervisory review. | Confirm | Approve — no remaining business dependency; replacement system S-02 in place. | 2026-03-10 |
Board comments and sign-off can be appended as an annex or recorded in board minutes with references to BA-01 and BA-02.
8. Annex (Illustrative)
System profiles, incident reports, mappings
In a live deployment, annex sections can include:
- Detailed profiles for Tier 1–2 systems (scope, data, safeguards, metrics).
- Full incident and near-miss reports for entries like I-01.
- Mapping of AI controls to regulations and standards (sectoral + AI-specific).
- A glossary of key AI and governance terms for non-technical directors.