BrianOnAI logoBrianOnAI

AI Project Intake Form Template

Screen new AI projects before development begins. Captures business case, data requirements, risk level, compliance considerations, and required approvals. Ensures nothing launches without proper review.

Templates

Get This Resource Free

Sign up for Explorer (free) to download this resource.

Create Free Account

Key Insights

Governance review should happen before AI development begins, not after systems are built. An intake form ensures every AI project goes through proper review—capturing the information governance needs to assess risk, identify requirements, and approve (or redirect) projects appropriately.

This template provides a comprehensive intake form: project information, business case, data requirements, risk indicators, and approval routing—ensuring consistent, complete submissions for governance review.

Overview

"We built this AI, now what do we need for compliance?" This question indicates governance failed. Review should happen at intake, not after development investment. An intake form gates AI projects—nothing moves forward without providing the information governance needs.

This template provides the intake form structure. Customize fields for your organization's requirements; implement as a workflow in your project management or GRC system.

What's Inside

Section 1: Project Information

  • Project identification (name, ID, dates)
  • Requestor and executive sponsor
  • Project type classification:
    • New AI tool deployment
    • Enhancement to existing AI
    • Third-party vendor integration
    • Custom AI/ML development
    • AI-powered automation
    • Proof of concept/pilot

Section 2: Business Case

  • Problem statement: What business problem does this solve?
  • Proposed solution: How will AI be used?
  • Expected benefits: Measurable outcomes
  • Alternatives considered: Why AI over non-AI solutions?

Section 3: Data Requirements

  • Data sources (internal, customer, third-party, public, user-generated)
  • Data classification (public, internal, confidential, restricted)
  • Sensitive data types checklist:
    • PII (Personally Identifiable Information)
    • PHI (Protected Health Information)
    • Financial/payment card data
    • Biometric data
    • Location data
    • Employee data
    • Minor's data
    • Other protected categories

Section 4: Risk Indicators

  • High-risk use case triggers (automated decisions, customer-facing, regulated activity)
  • EU AI Act high-risk category assessment
  • Regulatory requirement identification
  • Third-party/vendor involvement

Section 5: Approval Routing

  • Risk tier determination (High, Medium, Low)
  • Required reviews based on risk tier
  • Governance committee review requirement
  • Approval signatures

Who This Is For

  • AI Governance Teams implementing intake processes
  • CAIO Offices managing project portfolios
  • Project Managers submitting AI projects
  • Business Units requesting AI capabilities
  • Compliance Officers ensuring review coverage

Why This Resource

Consistent intake enables consistent governance. This form ensures every AI project provides the same information—making risk assessment reliable and governance decisions defensible. No more "we didn't know it used customer data."

Risk-based routing ensures high-risk projects get appropriate review without slowing low-risk initiatives.

FAQ

Q: How do we implement this form?

A: Options include: PDF/Word for simple submission, web form in GRC or workflow tools, integration with project portfolio management. The template provides content; implementation depends on your systems.

Q: What happens after submission?

A: Governance team triages based on risk indicators, assigns risk tier, routes to appropriate reviews, and schedules governance committee review for high-risk projects. Define your workflow based on risk tiers.

Q: Can projects proceed before governance approval?

A: Policy decision for your organization. Best practice: low-risk projects may proceed with standard controls; medium/high-risk projects require explicit approval before development investment.

What's Inside

Section 1: Project Information

  • Project identification (name, ID, dates)
  • Requestor and executive sponsor
  • Project type classification:
    • New AI tool deployment
    • Enhancement to existing AI
    • Third-party vendor integration
    • Custom AI/ML development
    • AI-powered automation
    • Proof of concept/pilot

Section 2: Business Case

  • Problem statement: What business problem does this solve?
  • Proposed solution: How will AI be used?
  • Expected benefits: Measurable outcomes
  • Alternatives considered: Why AI over non-AI solutions?

Section 3: Data Requirements

  • Data sources (internal, customer, third-party, public, user-generated)
  • Data classification (public, internal, confidential, restricted)
  • Sensitive data types checklist:
    • PII (Personally Identifiable Information)
    • PHI (Protected Health Information)
    • Financial/payment card data
    • Biometric data
    • Location data
    • Employee data
    • Minor's data
    • Other protected categories

Section 4: Risk Indicators

  • High-risk use case triggers (automated decisions, customer-facing, regulated activity)
  • EU AI Act high-risk category assessment
  • Regulatory requirement identification
  • Third-party/vendor involvement

Section 5: Approval Routing

  • Risk tier determination (High, Medium, Low)
  • Required reviews based on risk tier
  • Governance committee review requirement
  • Approval signatures

Ready to Get Started?

Sign up for a free Explorer account to download this resource and access more AI governance tools.

Create Free Account