Hyble AI Use Policy Training Module
Estimated Completion Time: 10-15 minutesAudience: All employees, contractors and vendors using AI on Hyble's behalfFormat: Interactive learning module + quiz
AI at Hyble
Understanding how to safely and responsibly use AI tools at Hyble
Artificial Intelligence can significantly improve productivity, creativity and efficiency across the business. This training module will help you understand: 🔒 When AI is safe to use 📈 What data you can and cannot share ⚠️ How to apply the Hyble AI Risk Framework 🚨 When to escalate AI usage⚠️ Guidance on how we use AI at Hyble can be found in the AI Use Guidance document here:https://mrmsales.sharepoint.com/:w:/s/Transformation/IQDCdiUJN-MeT6R9LMUTs68EAXOzdbY0KoE6WZDGdIGqTM4?e=cZLeaq
Section 1
Purpose + Responsibilities
Why This Policy Exists
Why do we have an AI Use Policy?Click to find out more.
⚡️ Enable responsible experimentation and innovation. We want teams to explore how AI can improve productivity, creativity and workflows.
⚡️ Innovation
🧭 Provide clear guardrails. This policy helps you make safe decisions without needing approval every time.
🧭 Guidance
🔒 Protect our customers, data and reputation. AI tools can introduce risks around confidentiality, intellectual property and accuracy.
🔒 Protection
👀 Ensure oversight where risk is higher. Some AI use cases require additional validation or approval.
👀 Oversight
Who This Policy Applies To
This policy applies to:
Consultants or Vendors using AI on Hyble's Behalf
Contractors or Temporary Staff
ALL Hyble Employees
It also applies to:
Copilots and AI SaaS tools
Generative AI Platforms
External AI Tools
AI APIs or Integrations
This policy does NOT cover AI embedded within Hyble's own product.
Roles and Responsibilities
We all have a role to play. Click to find out more!
- Using AI in line with this policy
- Reviewing AI outputs before use
- Applying professional judgement
- Escalating risks appropriately
Gamification
Microlearning
Learning strategy based on small units of content that are consumed quickly. Ideal for reinforcing concepts or learning in a flexible way..
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
- Ensuring teams understand this policy
- Reviewing medium or high risk use cases
- Monitoring patterns of AI usage
- Overall AI Governance
- Ensuring regulatory compliance
- Managing organisational risk posture
Executive Team
Managers/HODs
Everyone
is responsible for...
are responsible for...
are responsible for...
Section 1 Recap
We also looked at who the policy applies to.The policy applies to:
- All Hyble employees
- Contractors and temporary staff
- Consultants or vendors using AI on Hyble's behalf
- The use of external AI tools such as generative AI platforms, copilots and AI SaaS tools
Finally, we discussed roles and responsibilities.We learned that:
- Everyone is responsible for using AI in line with this policy
- Individuals must review AI outputs before using them
- Managers + HODs help ensure teams apply this policy correctly
- The Exec Team oversees AI governance and risk management
In this section, we covered why Hyble has an Internal AI Use Policy and who it applies to. We learned that AI creates significant opportunities to improve productivity, innovation and efficiency across the business, but it must be used responsibly.This policy exists to:
- Enable responsible experimentation with AI
- Protect customer data, intellectual property and Hyble's reputation
- Provide clear guardrails so teams can make safe decisions
- Ensure appropriate oversight where risk is higher
🥡 The key takeaway is that AI tools support our work, but people remain responsible for how AI is used.
Quick Assessment
Which of the following best describes who this AI policy applies to?
Section 2
Accountability, Proportional Validation + Transparency
Human Accountability
AI supports decisions. Humans remain responsible. You are accountable for anything you:
- Publish
- Send
- Approve
- Rely on
Proportional Validation
The higher the risk, the more validation is required.
Low risk requires light review.High risk uses require structured validation.
Security + Confidentiality
Never enter sensitive information into public AI tools.Flip the cards for examples of sensitive data:
Information related to financial performance, pricing or business forecasts.Examples:
- Revenue forecasts
- Pricing strategy or margin calculations
- Financial performance reports
- Investment or budget planning
- Cost models for products or services
Information that identifies an individual person.Examples:
- Names of employees or customers
- Email addresses
- Phone numbers
- Job titles linked to a specific individual
- Home or office addresses
Information about a customer's organisation, project or interaction with Hyble.Examples:
- Customer company name linked to a project
- Details about a customer's campaign
- Customer support ticket descriptions
- Order history or project details for a specific client
Gamification
Microlearning
Learning strategy based on small units of content that are consumed quickly. Ideal for reinforcing concepts or learning in a flexible way..
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
Customer Information
Financial Data
Personal Data
Formal documents that create legal obligations or regulatory commitments.Examples:
- Customer contracts or agreements
- Terms and conditions
- Regulatory submissions
- Legal clauses or compliance documentation
- Non-disclosure agreements (NDAs)
Assets or materials owned by Hyble's customers that are protected by copywright, trademarks or contractual agreements.Examples:
- Customer logos or brand assets
- Artwork or design files
- Brand guidelines
- Marketing campaign assets or creative concepts
Immediate Feedback
Engagement
Level of emotional and mental involvement of the user with the content. High engagement improves information retention and overall course experience.
It is the feedback received by the user immediately after an activity. Helps correct errors quickly and improves understanding.
Customer or Hyble Intellectual Property
Legal Documents
If unsure, ask your line manager or HOD.
Transparency
Do not present AI generated work as purely human where transparency matters:
Gamification
Microlearning
Learning strategy based on small units of content that are consumed quickly. Ideal for reinforcing concepts or learning in a flexible way..
Client-facing communications where AI materially influenced content.
Regulated communications (financial, legal, compliance-related).
Marketing claims or performance statements.
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
Client Communications
Regulated Communications
Marketing Claims
Immediate Feedback
Engagement
Level of emotional and mental involvement of the user with the content. High engagement improves information retention and overall course experience.
It is the feedback received by the user immediately after an activity. Helps correct errors quickly and improves understanding.
When customers explicitly request disclosure.
Tender responses or formal proposals.
Where customers ask
Tender Responses
Section 2 Recap
Transparency may be required when AI has materially influenced work that affects customers or regulated communications.Examples include:
- Customer facing communications
- Marketing claims
- Formal proposals or tender responses
- Regulated communications
In this section, we explored three of the core principles guiding responsible AI use at Hyble.First, we discussed human accountability. We learned that AI can assist our work, but humans remain responsible for any outputs created using AI, including anything we publish, send or rely on.Next, we explored proportional validation. Not every AI interaction requires the same level of review. The level of validation should increase as the risk of the use case increases.For example:
- Low risk tasks may require light review
- Customer facing or high impact work requires more careful validation
🥡 The key takeaway is that AI outputs should always be reviewed carefully and used responsibly.
Quick Assessment
AI can support our work, but ___ remain responsible for the outputs
Section 3
The AI Risk Framework
Introduction
Introducing the AI Risk Framework: Why this section matters
AI can be used in many different ways across the business - from everyday productivity tasks to work that directly affects customers, financial decisions or stratgic planning.Because of this, not all AI use carries the same level of risk. Some uses of AI are low-risk and can be used freely with light review. Others involve sensitive information or business-critical decisions and therefore require stronger validation and oversight.Understanding the difference helps ensure that we can use AI confidently while protecting our customers, our data and Hyble's reputation.
Introducing the AI Risk Framework: Why this section matters
By the end of this section, you should feel confident identifying:
- Whether an AI use case is low, medium or high risk
- What data and tools are appropriate to use
- When additional validation or approval may be required
In this section, you will learn
- How the Hyble AI Risk framework works
- The difference between Tier 1, Tier 2 and Tier 3 AI use cases
- What level of validation and oversight is required for each tier
- The five questions to ask before using AI
💡 Key idea to remember The framework is not designed to slow teams down. It is designed to help teams use AI safely, responsibly and with confidence by applying the right level of validation for the level of risk.
AI Risk Framework
We'll cover these in more detail in the coming section, but these are 5 key questions to consciously think about each time you use AI.
🚦What Tier is this?
🔧 What tools can I use?
📈 What data is involved?
👀 Do I need approval or oversight?
✅ What level of validation is required?
Tier 1: Low Risk
Everyday Productivity
This tier should feel easy and empowering.
Examples
Summarising Internal Documents
Summarising Internal Documents
Brainstorming Ideas
Drafting Internal Emails
Internal analysis (with review)
Tier 1: Low Risk
Everyday Productivity
This tier should feel easy and empowering.
Data Sensitivity
No proprietary IP beyond broadly accessible internal content
No personal data or customer-sensitive data
Summarising Internal Documents
Non Confidential Internal Information
Approved Tools
Public tools if no confidential data is entered
Enterprise AI Tools
Tier 1: Low Risk
Everyday Productivity
This tier should feel easy and empowering.
Validation Requirement
Light Human Review
Approval/Oversight
Individual remains accountable
Documentation
None required
Tier 1: Low Risk
Everyday Productivity
Understanding data examples and risks
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Examples
Summarising Internal Documents
Internal analysis influencing decisions
Marketing Content
Customer Email Drafts
Code suggestions (non-critical)
Workflow automation
Workflow automation
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Data Sensitivity
Operational Data:Internal business performance and workflow data
Summarising Internal Documents
Limited customer information:Anonymize where possible, including hyble name or brand assets/IP
No highly sensitive financial, legal or HR data
Approved Tools
No public AI tools for sensitive data
Enterprise AI Tools ONLY
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Validation Requirement
Review for:- Unintended disclosure + IP risks
Full Human Validation before:
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Approval/Oversight
Oversight means:- People manager + HOD awareness of usage patterns
- Periodic review of outputs where AI materially influences work
- Escalation if impact could materially affect customer trust, financial outcomes or regulatory standing
Escalate to Tier 3 (High Risk) if:- Legal or financial decisions are involved
- Sensitive customer data is required
- Impact extends beyond routine operational influence
This is not per-instance sign off.
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Documentation
Formal documentation is not required in each instance. However:
- AI assisted outputs should be reviewable by People Manager if requested
- Material customer-facing or decision-influencing outputs should retain version history where possible
- Where AI materially influences customer deliverables, internal transparency is expected
- Patterns of AI usage should be periodically reviewed by the relevant People Manager
Documentation may include:- Saving prompts in shared folders (where material)
- Retaining draft history in approved tools
- Noting AI assistance in internal workflow comments
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
Understanding data examples and risks
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
You will need explicit sign off before proceeding.
Examples
Summarising Internal Documents
Financial Modelling or Decisions
Regulatory Submissions
Legal Contracts
Summarising Internal Documents
Use of sensitive customer or HR data
Workflow automation
Strategic planning outputs
Core product source code
Building AI platforms for external or customer use
Workflow automation
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
You will need explicit sign off before proceeding.
Data Sensitivity
Summarising Internal Documents
Personal Data
Legal Documentation
Financial Data
Core Intellectual Property
Strategic Documents
Approved Tools
Enterprise AI Tools ONLY, with restricted environments, approved by ELT
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
You will need explicit sign off before proceeding.
Validation Requirement
Approval/Oversight
- Structured, documented human validation
- Peer or second reviewer required
- Traceability of AI involvement
- AI may be used for initial validation (eg cross referencing pre-existing approved legal contracts and outlining incongruencies), but human validation is an essential requirement thereafter
- Explicit HOD sign off
- Escalation to Legal/Security where appropriate
- Technical QA/oversight where applicable (external builds)
Documentation
Record of review and validation as well as clear accountability trail
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
Understanding data examples and risks
Section 3 Recap
We explored the three risk tiers.Tier 1 - Low RiskExamples include everyday productivity tasks such as:
- Brainstorming ideas
- Drafting internal communications
- Summarising internal documents
These typically require light review and no approval.Ti
In this section, we introduced the Hyble AI Risk Tier Framework, which helps employees determine how AI should be used depending on the level of risk involved. We learned that before using AI, it is helpful to ask:
- What risk tier does this fall under?
- What data is involved?
- What tools are appropriate to use?
- What level of validation is required?
- Do I need oversight or approval?
WeWe We
🥡 The key takeaway is that AI outputs should always be reviewed carefully and used responsibly.
Section 3 Recap
Tier 3 - High Risk This tier includes situations involving sensitive data or strategic decisions.Examples include:
- Legal contracts
- Financial modelling
- Strategic planning
- Sensitive HR or customer data
These require formal validation, peer review and HOD approval.TisTi
Tier 2 - Medium RiskThis tier includes AI use that may influence customers or business decisions. Examples include:
- Customer communications
- Marketing content
- Operational analysis
These require full human validation before use. WeWe We
🥡 The key takeaway is that AI outputs should always be reviewed carefully and used responsibly.
Quick Assessment
Which of the following is NOT one of the questions you should ask before using AI?
Section 4
Escalation + Reporting
Escalation + Reporting
1. ⏸️ Pause2.👩💼 Ask your line manager 3.🚨Escalate to HOD if needed 4.🕵️♀️Engage Legal/Security for Tier 3 scenarios
Gamification
1. 🧑💼Your Line Manager2.🧑💻 Your HOD 3.👫HR/People Team 4.🖇️ Executive Team
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
Concerns about misuse, bias or data exposure can be raised with...
If you're unsure...
There will be no retaliation for good faith reporting
Section 4 Recap
We also covered that concerns about AI misuse, bias or data exposure can be raised through:
- Your line manager
- Your HOD
- HR/People Team
- The Executive Team
Importantly, there will be no retaliation for good faith reporting or concerns. Your liTi
In this section, we discussed what to do if you are unsure about an AI use case or concerned about potential risks. We learned that if you are uncertain about whether AI should be used in a particular situation, the recommended approach is:1. Pause and consider the potential risks2. Ask your line manager for guidance3. Escalate to HOD if the situation may involve higher risk4. Engage legal or security for high-risk or regulated scenariosWe WeWe We
🥡 The key takeaway is that if you are unsure, it is always better to paise and ask for guidance before proceeding.
Section 5
Interactive Quiz
Quiz Time!
Fill in the blanks
Quiz Time!
Fill in the blanks
Quiz Time!
Select the correct answer
AI generated outputs are:
Quiz Time!
Select the correct answer
Which of the following should NOT be entered into a public AI tool?
Quiz Time!
Select the correct answer
Which tier involves customer facing content?
Quiz Time!
Select the correct answer
Which tier requires explicit HOD approval?
Quiz Time!
You want to use ChatGPT to draft a customer proposal using anonymised information. What tier does this fall under?
Quiz Time!
You are considering using AI to analyse internal operational data that includes customer identifiers. You are unsure whether this is allowed under the AI policy. What is the correct first step?
We love to hear your feedback!
You can provide feedback on this Internal AI Use Policy so we can continue to review and refine here:https://form.typeform.com/to/mxAyRn5D⚠️ Guidance on how we use AI at Hyble can be found in the AI Use Guidance document here:https://mrmsales.sharepoint.com/:w:/s/Transformation/IQDCdiUJN-MeT6R9LMUTs68EAXOzdbY0KoE6WZDGdIGqTM4?e=cZLeaq
If you have any questions regarding this policy, you can reach out to...
Caroline, Bryony, Katie or Charlie.
Hyble AI Use Policy Training Module
Bryony Rosier
Created on March 11, 2026
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Essential Course
View
Practical Course
View
Basic Interactive Course
View
Course 3D Style
View
Minimal Course
View
Neodigital CPD Course
View
Laws and Regulations Course
Explore all templates
Transcript
Hyble AI Use Policy Training Module
Estimated Completion Time: 10-15 minutesAudience: All employees, contractors and vendors using AI on Hyble's behalfFormat: Interactive learning module + quiz
AI at Hyble
Understanding how to safely and responsibly use AI tools at Hyble
Artificial Intelligence can significantly improve productivity, creativity and efficiency across the business. This training module will help you understand: 🔒 When AI is safe to use 📈 What data you can and cannot share ⚠️ How to apply the Hyble AI Risk Framework 🚨 When to escalate AI usage⚠️ Guidance on how we use AI at Hyble can be found in the AI Use Guidance document here:https://mrmsales.sharepoint.com/:w:/s/Transformation/IQDCdiUJN-MeT6R9LMUTs68EAXOzdbY0KoE6WZDGdIGqTM4?e=cZLeaq
Section 1
Purpose + Responsibilities
Why This Policy Exists
Why do we have an AI Use Policy?Click to find out more.
⚡️ Enable responsible experimentation and innovation. We want teams to explore how AI can improve productivity, creativity and workflows.
⚡️ Innovation
🧭 Provide clear guardrails. This policy helps you make safe decisions without needing approval every time.
🧭 Guidance
🔒 Protect our customers, data and reputation. AI tools can introduce risks around confidentiality, intellectual property and accuracy.
🔒 Protection
👀 Ensure oversight where risk is higher. Some AI use cases require additional validation or approval.
👀 Oversight
Who This Policy Applies To
This policy applies to:
Consultants or Vendors using AI on Hyble's Behalf
Contractors or Temporary Staff
ALL Hyble Employees
It also applies to:
Copilots and AI SaaS tools
Generative AI Platforms
External AI Tools
AI APIs or Integrations
This policy does NOT cover AI embedded within Hyble's own product.
Roles and Responsibilities
We all have a role to play. Click to find out more!
Gamification
Microlearning
Learning strategy based on small units of content that are consumed quickly. Ideal for reinforcing concepts or learning in a flexible way..
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
Executive Team
Managers/HODs
Everyone
is responsible for...
are responsible for...
are responsible for...
Section 1 Recap
We also looked at who the policy applies to.The policy applies to:
- All Hyble employees
- Contractors and temporary staff
- Consultants or vendors using AI on Hyble's behalf
- The use of external AI tools such as generative AI platforms, copilots and AI SaaS tools
Finally, we discussed roles and responsibilities.We learned that:In this section, we covered why Hyble has an Internal AI Use Policy and who it applies to. We learned that AI creates significant opportunities to improve productivity, innovation and efficiency across the business, but it must be used responsibly.This policy exists to:
🥡 The key takeaway is that AI tools support our work, but people remain responsible for how AI is used.
Quick Assessment
Which of the following best describes who this AI policy applies to?
Section 2
Accountability, Proportional Validation + Transparency
Human Accountability
AI supports decisions. Humans remain responsible. You are accountable for anything you:
Proportional Validation
The higher the risk, the more validation is required.
Low risk requires light review.High risk uses require structured validation.
Security + Confidentiality
Never enter sensitive information into public AI tools.Flip the cards for examples of sensitive data:
Information related to financial performance, pricing or business forecasts.Examples:
Information that identifies an individual person.Examples:
Information about a customer's organisation, project or interaction with Hyble.Examples:
Gamification
Microlearning
Learning strategy based on small units of content that are consumed quickly. Ideal for reinforcing concepts or learning in a flexible way..
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
Customer Information
Financial Data
Personal Data
Formal documents that create legal obligations or regulatory commitments.Examples:
Assets or materials owned by Hyble's customers that are protected by copywright, trademarks or contractual agreements.Examples:
Immediate Feedback
Engagement
Level of emotional and mental involvement of the user with the content. High engagement improves information retention and overall course experience.
It is the feedback received by the user immediately after an activity. Helps correct errors quickly and improves understanding.
Customer or Hyble Intellectual Property
Legal Documents
If unsure, ask your line manager or HOD.
Transparency
Do not present AI generated work as purely human where transparency matters:
Gamification
Microlearning
Learning strategy based on small units of content that are consumed quickly. Ideal for reinforcing concepts or learning in a flexible way..
Client-facing communications where AI materially influenced content.
Regulated communications (financial, legal, compliance-related).
Marketing claims or performance statements.
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
Client Communications
Regulated Communications
Marketing Claims
Immediate Feedback
Engagement
Level of emotional and mental involvement of the user with the content. High engagement improves information retention and overall course experience.
It is the feedback received by the user immediately after an activity. Helps correct errors quickly and improves understanding.
When customers explicitly request disclosure.
Tender responses or formal proposals.
Where customers ask
Tender Responses
Section 2 Recap
Transparency may be required when AI has materially influenced work that affects customers or regulated communications.Examples include:
In this section, we explored three of the core principles guiding responsible AI use at Hyble.First, we discussed human accountability. We learned that AI can assist our work, but humans remain responsible for any outputs created using AI, including anything we publish, send or rely on.Next, we explored proportional validation. Not every AI interaction requires the same level of review. The level of validation should increase as the risk of the use case increases.For example:
🥡 The key takeaway is that AI outputs should always be reviewed carefully and used responsibly.
Quick Assessment
AI can support our work, but ___ remain responsible for the outputs
Section 3
The AI Risk Framework
Introduction
Introducing the AI Risk Framework: Why this section matters
AI can be used in many different ways across the business - from everyday productivity tasks to work that directly affects customers, financial decisions or stratgic planning.Because of this, not all AI use carries the same level of risk. Some uses of AI are low-risk and can be used freely with light review. Others involve sensitive information or business-critical decisions and therefore require stronger validation and oversight.Understanding the difference helps ensure that we can use AI confidently while protecting our customers, our data and Hyble's reputation.
Introducing the AI Risk Framework: Why this section matters
By the end of this section, you should feel confident identifying:
In this section, you will learn
💡 Key idea to remember The framework is not designed to slow teams down. It is designed to help teams use AI safely, responsibly and with confidence by applying the right level of validation for the level of risk.
AI Risk Framework
We'll cover these in more detail in the coming section, but these are 5 key questions to consciously think about each time you use AI.
🚦What Tier is this?
🔧 What tools can I use?
📈 What data is involved?
👀 Do I need approval or oversight?
✅ What level of validation is required?
Tier 1: Low Risk
Everyday Productivity
This tier should feel easy and empowering.
Examples
Summarising Internal Documents
Summarising Internal Documents
Brainstorming Ideas
Drafting Internal Emails
Internal analysis (with review)
Tier 1: Low Risk
Everyday Productivity
This tier should feel easy and empowering.
Data Sensitivity
No proprietary IP beyond broadly accessible internal content
No personal data or customer-sensitive data
Summarising Internal Documents
Non Confidential Internal Information
Approved Tools
Public tools if no confidential data is entered
Enterprise AI Tools
Tier 1: Low Risk
Everyday Productivity
This tier should feel easy and empowering.
Validation Requirement
Light Human Review
Approval/Oversight
Individual remains accountable
Documentation
None required
Tier 1: Low Risk
Everyday Productivity
Understanding data examples and risks
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Examples
Summarising Internal Documents
Internal analysis influencing decisions
Marketing Content
Customer Email Drafts
Code suggestions (non-critical)
Workflow automation
Workflow automation
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Data Sensitivity
Operational Data:Internal business performance and workflow data
Summarising Internal Documents
Limited customer information:Anonymize where possible, including hyble name or brand assets/IP
No highly sensitive financial, legal or HR data
Approved Tools
No public AI tools for sensitive data
Enterprise AI Tools ONLY
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Validation Requirement
Review for:- Factural accuracy
- Tone + brand alignment
- Bias
- Unintended disclosure + IP risks
Full Human Validation before:- External release
- Customer communication
- Operational decisions
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Approval/Oversight
Oversight means:- People manager + HOD awareness of usage patterns
- Periodic review of outputs where AI materially influences work
- Escalation if impact could materially affect customer trust, financial outcomes or regulatory standing
Escalate to Tier 3 (High Risk) if:- Legal or financial decisions are involved
- Sensitive customer data is required
- Impact extends beyond routine operational influence
This is not per-instance sign off.
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
This is the most important tier to apply judgement.
Documentation
Formal documentation is not required in each instance. However:
Documentation may include:- Saving prompts in shared folders (where material)
- Retaining draft history in approved tools
- Noting AI assistance in internal workflow comments
Tier 2: Medium Risk
Customer-Facing or Decision-Influencing
Understanding data examples and risks
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
You will need explicit sign off before proceeding.
Examples
Summarising Internal Documents
Financial Modelling or Decisions
Regulatory Submissions
Legal Contracts
Summarising Internal Documents
Use of sensitive customer or HR data
Workflow automation
Strategic planning outputs
Core product source code
Building AI platforms for external or customer use
Workflow automation
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
You will need explicit sign off before proceeding.
Data Sensitivity
Summarising Internal Documents
Personal Data
Legal Documentation
Financial Data
Core Intellectual Property
Strategic Documents
Approved Tools
Enterprise AI Tools ONLY, with restricted environments, approved by ELT
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
You will need explicit sign off before proceeding.
Validation Requirement
Approval/Oversight
Documentation
Record of review and validation as well as clear accountability trail
Tier 3: High Risk
IP/Financial/Regulatory/Codebase Critical
Understanding data examples and risks
Section 3 Recap
We explored the three risk tiers.Tier 1 - Low RiskExamples include everyday productivity tasks such as:
- Brainstorming ideas
- Drafting internal communications
- Summarising internal documents
These typically require light review and no approval.TiIn this section, we introduced the Hyble AI Risk Tier Framework, which helps employees determine how AI should be used depending on the level of risk involved. We learned that before using AI, it is helpful to ask:
- What risk tier does this fall under?
- What data is involved?
- What tools are appropriate to use?
- What level of validation is required?
- Do I need oversight or approval?
WeWe We🥡 The key takeaway is that AI outputs should always be reviewed carefully and used responsibly.
Section 3 Recap
Tier 3 - High Risk This tier includes situations involving sensitive data or strategic decisions.Examples include:
- Legal contracts
- Financial modelling
- Strategic planning
- Sensitive HR or customer data
These require formal validation, peer review and HOD approval.TisTiTier 2 - Medium RiskThis tier includes AI use that may influence customers or business decisions. Examples include:
- Customer communications
- Marketing content
- Operational analysis
These require full human validation before use. WeWe We🥡 The key takeaway is that AI outputs should always be reviewed carefully and used responsibly.
Quick Assessment
Which of the following is NOT one of the questions you should ask before using AI?
Section 4
Escalation + Reporting
Escalation + Reporting
1. ⏸️ Pause2.👩💼 Ask your line manager 3.🚨Escalate to HOD if needed 4.🕵️♀️Engage Legal/Security for Tier 3 scenarios
Gamification
1. 🧑💼Your Line Manager2.🧑💻 Your HOD 3.👫HR/People Team 4.🖇️ Executive Team
Consists of applying game dynamics (challenges, rewards, levels) in learning environments to increase motivation and user engagement.
Concerns about misuse, bias or data exposure can be raised with...
If you're unsure...
There will be no retaliation for good faith reporting
Section 4 Recap
We also covered that concerns about AI misuse, bias or data exposure can be raised through:
- Your line manager
- Your HOD
- HR/People Team
- The Executive Team
Importantly, there will be no retaliation for good faith reporting or concerns. Your liTiIn this section, we discussed what to do if you are unsure about an AI use case or concerned about potential risks. We learned that if you are uncertain about whether AI should be used in a particular situation, the recommended approach is:1. Pause and consider the potential risks2. Ask your line manager for guidance3. Escalate to HOD if the situation may involve higher risk4. Engage legal or security for high-risk or regulated scenariosWe WeWe We
🥡 The key takeaway is that if you are unsure, it is always better to paise and ask for guidance before proceeding.
Section 5
Interactive Quiz
Quiz Time!
Fill in the blanks
Quiz Time!
Fill in the blanks
Quiz Time!
Select the correct answer
AI generated outputs are:
Quiz Time!
Select the correct answer
Which of the following should NOT be entered into a public AI tool?
Quiz Time!
Select the correct answer
Which tier involves customer facing content?
Quiz Time!
Select the correct answer
Which tier requires explicit HOD approval?
Quiz Time!
You want to use ChatGPT to draft a customer proposal using anonymised information. What tier does this fall under?
Quiz Time!
You are considering using AI to analyse internal operational data that includes customer identifiers. You are unsure whether this is allowed under the AI policy. What is the correct first step?
We love to hear your feedback!
You can provide feedback on this Internal AI Use Policy so we can continue to review and refine here:https://form.typeform.com/to/mxAyRn5D⚠️ Guidance on how we use AI at Hyble can be found in the AI Use Guidance document here:https://mrmsales.sharepoint.com/:w:/s/Transformation/IQDCdiUJN-MeT6R9LMUTs68EAXOzdbY0KoE6WZDGdIGqTM4?e=cZLeaq
If you have any questions regarding this policy, you can reach out to...
Caroline, Bryony, Katie or Charlie.