Free small business AI resource

AI Prompt Governance Checklist

If a prompt is good enough for the team to reuse, it needs a name, owner, approved use, input rules, review rule, and retirement trigger. Use this checklist before a helpful one-off prompt becomes an unmanaged habit.

Use the checklist Copy the governance card

Prompt governance checklist

Seven checks before a prompt becomes a team asset

  1. Name the job, not the model. Use names like “Quote follow-up draft” or “Review response first draft,” not “ChatGPT prompt #4.”
  2. Assign an owner. One person owns the examples, approved language, test results, and version history.
  3. Define approved inputs. List the facts the user must paste in and the information the AI must never invent: prices, policies, guarantees, availability, legal claims, medical advice, financial advice, or HR decisions.
  4. Set privacy boundaries. Remove private customer details unless they are necessary and approved. Use old non-sensitive examples for testing.
  5. Require a human review rule. State who must check the output before it is sent, published, or copied into a customer record.
  6. Score it before sharing. Use the AI Prompt Quality Scorecard to score fact control, tone, editing effort, risk, and repeatability.
  7. Version and retire weak prompts. Add a version date. Retire prompts that create false facts, take too long to edit, or no longer match the business policy.

Copy/paste governance card

Prompt governance card template

Prompt name: [JOB THE PROMPT DOES]
Owner: [PERSON RESPONSIBLE]
Version date: [YYYY-MM-DD]
Approved users: [OWNER / MANAGER / FRONT DESK / TECHS / OTHER]
Approved use: [WHERE THIS PROMPT MAY BE USED]
Do not use for: [LEGAL / MEDICAL / FINANCIAL / HR / PRICING / POLICY / SENSITIVE DATA / OTHER]
Required inputs:
- Customer/business facts: [WHAT MUST BE PROVIDED]
- Source material: [EMAIL / NOTES / TRANSCRIPT / REVIEW / FORM / OTHER]
- Tone rule: [FRIENDLY / DIRECT / APOLOGETIC / CONCISE / OTHER]

AI must not:
- Invent prices, guarantees, dates, policy terms, or outcomes.
- Include private customer details not supplied for this task.
- Add pressure, fake urgency, or unsupported claims.

Human review rule:
[WHO CHECKS THE OUTPUT AND WHAT THEY MUST VERIFY]

Quality score before sharing:
Fact control: [1-5]
Tone match: [1-5]
Editing effort: [1-5]
Risk control: [1-5]
Repeatability: [1-5]

Decision:
[ ] Share with team
[ ] Rewrite and retest
[ ] Keep owner-only
[ ] Retire

Keep it lightweight

This is not a legal policy document. It is a practical control sheet so the business knows who owns a prompt, what it can do, what it must not do, and when a human must step in.

For a reusable prompt-library format, see the Prompt Card Template for Small Business AI.

Fast implementation

A 20-minute prompt governance sprint

  1. Pick the three prompts your team is most likely to reuse this month.
  2. Fill one governance card for each prompt.
  3. Run each prompt on two old examples and score the output.
  4. Rewrite any prompt with a score below 3 in any category.
  5. Put only the approved versions in the team's shared folder, SOP, or worksheet.

Related free resources

Start with five safer prompt examples.

Track one AI workflow for 30 days.

Turn approved prompts into SOP templates.

Want the full prompt workflow kit? The Small Business AI Profit Kit packages prompt starters, worksheets, prompt-card controls, rollout planning, and practical workflow templates for owners who want repeatable AI habits without giving up human review.

View the Small Business AI Profit Kit Request resource updates

Free resources stay available without subscribing. No phone, payment, or CAPTCHA required.