# ISO 42001 Incident Response

> Draft AI incident response procedure and documentation for ISO/IEC 42001:2023.



Tags: ISO 42001, Incident Response, Compliance, AI


## Example Prompts

- Draft our AI incident response procedure
- Document escalation and harm assessment steps
- Update incident log and corrective action template

URL: https://rakenne.app/skills/iso42001-incident-response/index.md

Try this skill: https://rakenne.app/a/?skill=iso42001-incident-response



## Getting Started

Add your source materials to the project workspace, then activate the *ISO 42001 Incident Response* skill. The agent will guide you through the process step by step.

## Example conversation

**You:** We need an AI incident response procedure—how we detect, escalate, assess harm, and take corrective action for AI-specific incidents.

**Agent:** I’ll draft the incident response procedure and log template using the skill reference. I’ll define AI-specific incident types (e.g. bias, safety, misuse, data, performance), detection and reporting, escalation, harm assessment, corrective and preventive action, root-cause analysis, and how we document improvements. I’ll run **incident_response_check** on the procedure and fix any missing elements, then align with your lifecycle and nonconformity process.

## Output excerpt

### Incident response excerpt

**AI incident types** — Bias or fairness; safety or unintended use; data breach or misuse; significant performance or drift; explainability or transparency failure; regulatory or compliance.

**Detection and reporting** — [e.g. Monitoring alerts; user feedback; audit finding]. Reported to [e.g. Product owner / AIMS owner]. Channel: [e.g. ticket system or dedicated inbox].

**Escalation** — Severity [e.g. 1–3]. High: immediate [e.g. AIMS owner + DPO if data]. Medium: [e.g. 24 h]. Low: [e.g. next review]. Escalation path documented.

**Harm assessment** — For each incident: describe impact (users, data, reputation); severity; whether corrective action is urgent. Document in incident record.

**Corrective and preventive action** — Corrective: [e.g. fix, rollback, notify]. Preventive: [e.g. process change, retrain, control]. Owner and deadline. Root-cause analysis for [e.g. high severity]. Effectiveness reviewed per nonconformity procedure.

**Incident log** — Retain: date; system; description; harm assessment; actions; status; link to CAPA where applicable.

## Extension and validation

The skill includes **incident_response_check**, which validates the incident response procedure for required elements: detection and reporting; escalation steps and roles; harm assessment/severity; corrective and preventive action; root-cause analysis; improvements to prevent recurrence. Run it after drafting and address any missing elements.


