Welcome to the latest edition of The Sunday Prompt, where we explore the AI-driven shifts redefining work.

AI adoption is accelerating across organizations of every size and industry. What began as quiet experimentation is now embedded in daily workflows: emails, reports, customer interactions, internal documents. The tools are already in use.

Yet most companies still operate without a formal AI policy. No shared guardrails. No clear standards. No written framework to define what is acceptable and what is off-limits.

This gap introduces real risk. It also creates confusion, missed opportunities, and growing friction between individual initiative and organizational readiness.

Let me be clear. If AI is already in the building, the policy should be too.

Let’s dig in. 👇

AI is already in your organization.

It’s in the emails your team drafts with ChatGPT.
It’s in the complex Excel formulas generated by Copilot.
It’s in the Zoom meeting notes summarized with Otter.
It’s in the marketing copy your intern whipped up with Claude.

This is already happening. Approval or not.

And if you do not have a basic AI governance policy in place, the question is not when something will go sideways. The question is how big the mess will be.

You do not need a 20-page legal document.
You do not need an “AI Council.”
You do not need to make it complicated.

But you do need to draw the line between what is in bounds and what is absolutely not.

What’s at Stake

• An employee might paste customer data into Gemini without realizing it violates your privacy policy.

• Someone might rely on erroneous AI-generated output without review, then email it to your largest client.

• An engineer could paste code into ChatGPT for debugging help without realizing it contains embedded API keys or database credentials.

• Your internal playbook might end up in someone else’s training set, because no one ever said “don’t upload that.”

It is real, it is happening, and it is entirely preventable.

Every Company Needs an AI Policy

Yes, even yours.

You can build it in a day.
It should fit on a single page.
And it should answer five simple questions:

• What tools are approved for use?

• What kinds of data are safe to input?

• Which use cases are encouraged, and which are prohibited?

• What kind of review is required before outputs go out the door?

• Who do we go to with questions or ideas?

Write it in plain language.
Share it widely.
Update it regularly.

A clear policy sets boundaries, builds confidence, and gives your team the structure to explore AI safely and responsibly. It puts something official on the record, covering key risks, setting expectations, and creating a shared framework for how AI gets used.

Starter AI Policy for Beginners

A one-page foundation for responsible AI use in any organization

Purpose
This policy outlines how we use AI tools responsibly and productively at [Company Name]. It applies to all employees, contractors, and anyone acting on behalf of the company.

What We Mean by AI
Any tool or platform that generates content, predictions, summaries, or decisions using machine learning, natural language processing, or automation. This includes but is not limited to ChatGPT, Microsoft Copilot, Claude, and Google Workspace AI tools.

Approved Tools
As of today, the following tools are approved for use:
[Insert tools your team currently uses, such as ChatGPT, Microsoft Copilot, Claude, etc.]

To request approval for a new tool, contact [Person/Team].

Data and Privacy Rules
Do not share:

• Customer or client personal information

• Financial records

• Internal performance, HR, or legal documents

• Proprietary company strategy or IP

Only use AI tools with public, anonymized, or internal content cleared for use.

What’s Encouraged

• Brainstorming ideas

• Drafting content or communications

• Summarizing notes or long documents

• Supporting analysis and decision prep

What’s Off Limits

• Letting AI outputs go out the door without human review

• Using AI to impersonate a person or mislead an audience

• Sharing company IP with unapproved platforms

• Using AI to create biased, discriminatory, or legally risky content

Accountability
The [Role/Department] oversees this policy.
If you’re unsure, ask before you act.
Report any concerns to [Contact].

Review Cycle
This policy will be reviewed [quarterly/annually] and updated as our tools and use cases evolve.

This sample plan assumes your organization has not yet deployed its own custom generative AI solution. If you do not have an AI policy in place, there is a good chance you have not.

Consider Offering a Period of AI Immunity

Many employees have already experimented with AI tools. Some may have uploaded documents, shared customer data, or used outputs in production work. A limited window of immunity gives them permission to be honest. No consequences. No finger-pointing. Just a structured opportunity to bring that activity into the open. Invite them to share what they have tried, what tools they are using, and where they see risks or concerns. This builds trust, creates visibility, and helps you shape policy around real behavior rather than assumptions.

Who Should Lead the Work

The most effective approach is a small cross-functional team. Ideally, your HR leader takes the lead, especially if they bring a strategic view of policy, culture, and organizational change. They should partner with someone from IT or security who understands the technical landscape, along with a business leader who knows how AI is already showing up in daily work. Together, they can create a policy that is practical, clear, and trusted across the organization.

Why HR, you ask? Because HR sees across the organization. They understand its cultural texture and know how to align communication, training, and behavior around new policy.

If that setup is not practical, appoint the person on your team who is already asking smart questions about AI, understands how work gets done across functions, and builds trust across departments. This is less about job title and more about judgment, communication, and follow-through.

Final Thought

AI is already shaping how work gets done. The tools are in use, the stakes are rising, and the pace continues to accelerate.

Alignment is the key to success for any organizational initiative. A well-defined policy creates structure, earns trust, and gives your team the confidence to move forward with purpose. It also brings visibility to the tools and methods that can unlock real productivity gains.

Set the tone. Build the foundation. Equip your team for success without added risk.

If this email was forwarded to you and you’d like it delivered directly to your inbox each day, subscribe below.