PSF implementation artifacts

AI control templates teams can use immediately.

Copy-ready templates for the operational artifacts the Production Safety Framework expects to see: boundaries, validation, data handling, telemetry, release gates, oversight, tool permissions, and fallback planning.

Templates: 8
PSF domains: 8
Format: Markdown
Access: Public

D1 Input boundary

Input Boundary Register

Chatbots, copilots, intake agents, document processors, and API-facing AI services.

# Input Boundary Register

PSF domain: D1 Input boundary
Status: Draft
Owner: [name / role]
Last reviewed: [YYYY-MM-DD]

## Purpose

Keep untrusted, excessive, or sensitive inputs from reaching the model without documented controls.

## Scope

- User-supplied prompts and uploaded files
- Retrieved context and tool-returned content
- System prompts, hidden instructions, and policy text
- Inputs containing PII, credentials, regulated data, or high-risk requests

## Minimum Fields

- Input class
- Accepted format
- Maximum length or size
- PII handling
- Injection handling
- Route on rejection
- Owner

## Operating Rules

- Validate type, size, and structure before any model call.
- Detect prompt injection and instruction override attempts before model execution.
- Redact, tokenize, or block sensitive data according to the data handling record.
- Log rejection reason, route, and reviewer when manual review is required.

## Required Evidence

- Input schema or validation code
- Injection test cases
- PII redaction policy
- Rejected-input log sample

## Review Cadence

- Review monthly for new input classes.
- Review after every new integration, file type, or retrieval source.
- Run injection regression tests before release.

## Exceptions

- Name the approver for any input class allowed without validation.
- Record expiry date and compensating control for each exception.

## Sign-off

- Control owner: [name]
- Technical owner: [name]
- Business owner: [name]
- Next review date: [YYYY-MM-DD]
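
The example below is added here and is not part of the PSF template or the project's own code. It is a Python sketch of a gate that enforces one register row before a model call and returns the record the Operating Rules ask to be logged. `BoundaryEntry`, `check_input`, the route names, and the two regex patterns are assumptions made up for illustration; the patterns are constructed stand-ins, not a complete detector.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class BoundaryEntry:
    """One register row; fields mirror the template's Minimum Fields."""
    input_class: str
    accepted_format: str      # this sketch only handles "text"
    max_length: int
    pii_handling: str         # "redact" or "block"
    injection_handling: str   # "block" or "review"
    route_on_rejection: str
    owner: str

# Constructed, deliberately small patterns: stand-ins for a tested detector.
EMAIL = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
OVERRIDE = re.compile(
    r"ignore (all |any )?(previous|prior) instructions|reveal (the )?system prompt",
    re.IGNORECASE)

def check_input(entry, text):
    """Apply the register row before any model call; return a loggable record."""
    def record(decision, reason, route, out=None):
        return {"input_class": entry.input_class, "owner": entry.owner,
                "decision": decision, "reason": reason, "route": route, "text": out}

    def reject(reason, route=None):
        return record("reject", reason, route or entry.route_on_rejection)

    # Type, size and structure come first, as the Operating Rules require.
    if entry.accepted_format != "text" or not isinstance(text, str):
        return reject("wrong_type")
    if len(text) > entry.max_length:
        return reject("too_long")
    if any(ord(c) < 32 and c not in "\n\r\t" for c in text):
        return reject("control_characters")
    # Instruction-override attempts are stopped or sent to a human reviewer.
    if OVERRIDE.search(text):
        review = entry.injection_handling == "review"
        return reject("injection_suspected", "manual_review" if review else None)
    # Sensitive data is blocked or redacted per the row's PII handling.
    if EMAIL.search(text):
        if entry.pii_handling == "block":
            return reject("pii_present")
        text = EMAIL.sub("[EMAIL]", text)
    return record("allow", None, "model", text)

# Constructed sample row for a support chatbot.
CHAT = BoundaryEntry("chat_prompt", "text", 200, "redact", "review",
                     "reject_with_message", "support-platform-team")
```

The returned record carries the rejection reason and route, so it can be written directly to the rejected-input log listed under Required Evidence.
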
Crawlable template index

What the library covers

D1 Input boundary

Input Boundary Register

Defines what the AI system is allowed to receive, reject, redact, or route for human review.

D2 Output validation

Output Validation Contract

Turns raw model output into a controlled contract before it reaches users, systems, or downstream automations.

D3 Data stewardship

AI Data Handling Record

Documents what data the AI system uses, where it goes, how long it is retained, and who can access it.

D4 Observability

AI Observability Minimum Signals

Defines the minimum telemetry needed to operate, debug, and improve an AI system in production.

D5 Deployment control

Model Change Gate

Creates a release gate for model, prompt, tool, retrieval, or policy changes before production rollout.

D6 Human oversight

Autonomy and Human Oversight Matrix

Maps what the AI system can do alone, what requires review, and what it must never do.

D7 Security posture

Tool Permission Register

Documents every tool, integration, credential, and permission available to the AI system.

D8 Ecosystem resilience

Provider Fallback Plan

Defines how the AI system keeps operating when a model, provider, API, or vendor changes or fails.