Back to AI governance templates
Model Lifecycle Policies

Model Retirement and Sunset Policy

Defines the steps when a model is decommissioned.

Owner: Model Owner

Purpose

Provide a predictable offboarding process for AI systems so that risk, regulatory, and data-retention obligations are satisfied when models are retired or replaced.

Scope

Applies to every AI model, inference service, prompt library, and data pipeline slated for decommissioning due to performance degradation, regulatory change, business sunset, or technology refresh.

  • Production services being replaced or consolidated
  • Shadow deployments that will not ship to production
  • Vendor models under expired contracts
  • Emergency shutdowns mandated by regulators

Definitions

  • Retirement Plan: Document capturing rationale, timeline, responsible parties, and dependencies.
  • Residual Risk: Risk that remains after the model is decommissioned (e.g., downstream systems relying on artifacts).
  • Data Retention Schedule: Policy defining how long associated data/artifacts must be kept.

Policy

No AI system may be retired without an approved plan that addresses communication, data retention, replacement systems, and residual controls. Inventory records must be updated with the retirement date, evidence of data disposition, and links to successor systems.

Roles and Responsibilities

Model Owner initiates the retirement plan and ensures downstream consumers are notified. Data Governance validates retention and deletion tasks. Security ensures secrets and credentials are revoked. Compliance confirms regulatory filings or customer notifications, if required.

Procedures

Retirement workflow includes:

  • Trigger event documentation (performance review, regulatory request, contract end).
  • Impact assessment on dependent services and SLAs.
  • Communication plan for stakeholders and customers.
  • Data retention/disposition checklist (training data, logs, prompts).
  • Access revocation and infrastructure teardown steps.
  • Post-retirement report summarizing completion and residual risk handling.

Exceptions

Temporary suspension instead of full retirement requires approval from Compliance and Security, with compensating controls (e.g., access restrictions, read-only mode) and a six-week review timer.

Review Cadence

Retirement metrics (number of models retired, outstanding tasks, residual risk items) are reviewed quarterly. Lessons learned feed into future change plans.

References

  • ISO/IEC 42001:2023 Clause 8.7 (Release, transfer, termination, closure)
  • Internal documents: Model Inventory Handbook, Data Retention Standard, Access Revocation SOP

Ready to implement this policy?

Use VerifyWise to customize, deploy, and track compliance with this policy template.

Get started freeBrowse all templates
Model Retirement and Sunset Policy | VerifyWise AI Governance Templates