Skip to main content
Lab Notes
Frameworks

Training Deck Outline (60–90 mins) — Slide‑by‑Slide

AI Safety Pack Component

PeopleSafetyLab|February 24, 2026|4 min read|intermediate

Training Deck Outline (60–90 mins) — Slide‑by‑Slide

Version: v1.0 Audience: all staff (plus optional role modules)

Trainer notes

  • Keep it practical: “what you can do tomorrow” + “how we prevent harm.”
  • Use 2–3 org‑specific examples (support, HR, engineering) to make it real.
  • Run the two‑scenario exercise and collect questions to refine policy.

Agenda (recommended 75 mins)

  1. Why this matters (10)
  2. What AI can/can’t do (10)
  3. Our rules (policy + use‑cases) (15)
  4. Data handling (10)
  5. Human review + accountability (10)
  6. Incident reporting (10)
  7. Exercise + quiz (10)

Slides

1. Title

  • “AI Safety at (Org): protect people + protect data”

2. Goals

  • Use AI productively
  • Avoid people harm
  • Avoid data leakage
  • Know what to do when something goes wrong

3. Real failure modes (examples)

  • Hallucinated advice → customer harm
  • Bias in screening → unfair outcomes
  • Privacy leak → regulatory + trust impact

4. What AI is good at

  • Drafting, summarizing, translation
  • Brainstorming, formatting
  • Pattern suggestions (with verification)

5. What AI is not good at

  • Truth guarantee
  • Hidden bias avoidance
  • Handling restricted data safely without controls

6. Our non‑negotiables (policy)

  • Human accountability
  • No restricted data in unapproved tools
  • No deceptive content
  • Escalate when unsure

7. Approved vs Conditional vs Prohibited (1‑pager)

  • Show 02-approved-prohibited-usecases.md
  • Emphasize: customer‑facing drafts = Conditional (review required)

8. The quick decision guide (matrix)

  • The three levers: data sensitivity (D), output exposure (O), decision criticality (C)
  • Reference: 02a-ai-use-case-matrix.md

9. Data rules — what you can paste

  • D0 Public / D1 Internal
  • Sanitized summaries of D2 Confidential only in approved tools

10. Data rules — what you cannot paste

  • D3 Restricted: PII, credentials/secrets, regulated records
  • Contracts/pricing unless tool is approved and access controlled

11. Human review (HITL)

  • What requires review (anything external)
  • What “review” means: check facts, tone, and data leakage

12. Quality checks (practical)

  • Verify numbers, names, dates, policies
  • Ask for sources; don’t invent citations
  • Use checklists (support/comms)

13. Reporting an AI incident (and near‑miss)

  • Channel + who to notify
  • What to include: screenshots, tool used, data types, who received output
  • Report within 24 hours
  • Examples of near‑misses: pasted PII into the wrong tool; almost auto‑sent an unreviewed draft

14. Mini exercise (5 minutes)

Ask: Approved / Conditional / Prohibited?

  • Scenario A: draft a customer email using ticket text containing phone number
  • Scenario B: summarize internal meeting notes

15. Quiz (10 questions)

  1. True/False: If AI wrote it, I can send it to a customer as long as it sounds confident.
  2. Which data is always Restricted (D3)? (a) public blog post (b) customer phone + address (c) product feature list
  3. True/False: Candidate ranking using personal data is allowed if the AI is “just recommending.”
  4. What must happen before any external output is sent? (a) nothing (b) human review/approval (c) auto-send with disclaimer
  5. Name two examples of an AI incident/near‑miss.
  6. Which control best matches “weekly sampling to detect hallucinations”? (C‑Q1 / C‑L1 / C‑A1)
  7. True/False: Pasting API keys into prompts is acceptable if you delete the chat later.
  8. When should you escalate instead of replying? (choose one example)
  9. Who owns the kill switch for high-severity AI failures in a workflow?
  10. What evidence artifact proves training was completed?

16. Exercise (Support scenario)

  • Give agents 3 draft AI responses.
  • Task: mark which parts are grounded in KB vs hallucinated.
  • Rewrite the response to comply with: grounding rule + escalation rule + no restricted data.
  • Debrief: what signals triggered escalation? what control failed?

Optional role modules (15–30 mins each)

Support

  • KB grounding; escalation rules; QA sampling (C‑Q1)

HR

  • Default prohibited decisions; bias risks; audit trail (C‑L2)

Engineering

  • Secrets handling; code review; tool approval process

Leadership

  • Governance cadence; exception handling; metrics
P

PeopleSafetyLab

Independent AI safety research for organisations and families in Saudi Arabia and the GCC. All research is editorially independent. PeopleSafetyLab has no consulting clients and does not conduct paid audits.

Share this article: