← Back to AI Governance Templates

Model Lifecycle Policies

Model Deployment and Change Management Policy

Explains the change-control process for AI deployments.

Owner: Change Advisory Board

Purpose

Maintain governance continuity when AI models move from validation into live environments by enforcing standardized change-control, communication, and rollback procedures.

Scope

Applies to all net-new production deployments, model updates, prompt revisions, configuration changes, infrastructure migrations, and emergency fixes affecting AI services.

  • Blue/green, canary, and rolling deployments
  • Prompt library updates for generative AI
  • Infrastructure changes impacting inference runtime
  • Emergency hotfixes triggered by incidents or regulatory requests

Definitions

  • Change Advisory Board (CAB): Cross-functional group that approves high-risk deployments.
  • Deployment Plan: Document describing scope, dependencies, rollout steps, monitoring, and rollback.
  • Material Change: Any change affecting outputs, safety controls, customer experience, or regulatory obligations.

Policy

No AI deployment may proceed without an approved change ticket, documented deployment plan, and tested rollback procedure. Changes must respect blackout windows and ensure stakeholders are notified. Post-deployment validation is mandatory within 24 hours.

Roles and Responsibilities

Deployment Manager orchestrates change tickets and communication. Model Owner validates scope and ensures readiness artifacts are attached. CAB reviews high-risk changes. SRE executes deployment and rollback activities.

Procedures

Deployment workflow consists of:

  • Change ticket creation with model IDs, environments, and desired deployment window.
  • Risk classification to determine whether CAB approval is required.
  • Deployment plan including dependencies, steps, monitoring hooks, and rollback triggers.
  • Stakeholder notification (business, Support, Compliance) at least 48 hours in advance.
  • Pre-deployment checklist covering backups, access review, and feature flag configuration.
  • Execution with real-time monitoring and human-on-call coverage.
  • Post-deployment validation and sign-off; initiate rollback if KPIs drift or guardrails breach.

Exceptions

Emergency fixes may bypass CAB approval but must be logged, reviewed within two business days, and accompanied by a remediation plan for any skipped controls.

Review Cadence

Change success rate, number of emergency deployments, and rollback frequency are reviewed monthly. CAB updates deployment standards every six months or after critical incidents.

References

  • ISO/IEC 42001:2023 Clause 8.5 (Operational change management)
  • ITIL Change Enablement guidance
  • Internal documents: Deployment Playbook, Incident Response Policy, Release Communications SOP
Model Deployment and Change Management Policy | VerifyWise AI Governance Templates