Production AI deployment checklist
Before a production AI system touches customers, employees, regulated workflows, code, payments, or confidential data, it needs evidence across all eight PSF domains.
Input governance
User, tool, file, and retrieved inputs are treated as untrusted and validated before model use.
Output validation
Model outputs are parsed, checked, and bounded before downstream systems act on them, and blocked when they fail those checks.
Data protection
Prompts, logs, traces, embeddings, and outputs follow minimisation, retention, consent, and deletion rules.
Observability
The team can reconstruct inference chains, detect degradation, and alert on quality, safety, cost, and latency.
Deployment safety
Model, prompt, tool, and retrieval changes are versioned, tested, canaried, and reversible.
Human oversight
High-stakes or irreversible actions have review, escalation, contestability, and skill-maintenance controls.
Security
The AI threat model includes prompt injection, tool abuse, secret leakage, data exfiltration, and supply-chain risks.
Vendor resilience
Fallback providers, abstraction layers, exit plans, and data portability are tested before dependency failure.
When to block launch
A missing control is not automatically a launch blocker. It becomes a blocker when the system can create material customer, legal, financial, safety, security, or employment consequences before a human can intervene.