AI Monitoring Plan

Purpose

An AI Monitoring Plan defines what is tracked after an AI system is deployed — not just whether the infrastructure is running, but whether the model is still performing as intended, whether its outputs remain fair across demographic groups, and whether the operational environment has changed in ways that affect its behavior.

Most AI governance programs invest heavily in pre-deployment controls and underinvest in post-deployment monitoring. The result is that degradation, bias drift, and regulatory exposure accumulate undetected until they surface through complaints, audits, or incidents. This template operationalizes the monitoring commitment — turning "we'll monitor it" into a documented plan with specific metrics, thresholds, owners, and escalation paths.

This template includes two variants adapted to the team's delivery methodology. Select the one that matches how you work — the monitoring cadence and review integration differ meaningfully between stage-gate and sprint-based delivery.

Two Variants — One Template

The template includes both variants on a single form — select your methodology on page 1 and complete the sections relevant to your delivery approach.

Where It Fits in Your Document Pack

The Monitoring Plan feeds into the Governance Playbook (which reports on governance health) and the Incident Response Plan (which defines what happens when monitoring thresholds are breached). It is the operational connection between pre-deployment governance and the system's production lifecycle.

What This Template Covers

• Plan identification: system name, deployment date, plan author, methodology selection, and linked governance documents
• Monitoring scope: what is monitored (model outputs, data inputs, performance, fairness, regulatory compliance), what is out of scope, and the monitoring posture — proactive automated detection vs. periodic human review
• Key metrics registry: up to 8 metrics each with baseline value, warning threshold, critical threshold, measurement frequency, and responsible owner — covering accuracy, fairness, data drift, and operational metrics
• Drift detection approach: data drift detection method, concept drift detection, fairness drift monitoring, and the measurement window that distinguishes signal from noise
• Escalation procedures: the path from routine monitoring observation through investigation, intervention, and incident declaration — with specific triggers at each level
• Reporting cadence: structured table of all monitoring reports by audience, frequency, format, and owner — with plan-driven and agile variants
• Post-deployment ramp-up plan (plan-driven variant): 30/60/90-day intensive monitoring schedule with specific checks at each milestone
• Sprint-release monitoring protocol (agile variant): post-release window check within 48 hours of each production deployment, plus ongoing sprint-cadence review
• Review and sign-off with three-tier approval and revision history with trigger column
• Completion guidance page with field-by-field instructions including threshold calibration guidance

Framework Alignment

• EU AI Act Art. 72 — Post-market monitoring system requirements for high-risk AI: active collection and analysis of real-world performance data
• NIST AI RMF — MANAGE 4 — Risk treatments applied and monitored; ongoing performance evaluation and response to residual risk
• ISO/IEC 42001 Clause 9.1 — Monitoring, measurement, analysis and evaluation of AI management system performance
• SR 11-7 (Federal Reserve / OCC) — Ongoing model performance monitoring with documented outcomes for model risk management
• OECD AI Principles 1.4 — Robustness, security and safety: AI systems should be monitored throughout their operational lifecycle

Download