🇿🇦 South Africa · AI Incident Response Playbook
A delimiter-split deliverable: an Executive Summary Word document for sign-off (severity-classification scorecard + top 5 likely incident scenarios + sign-off block + 3 embedded charts) plus a 9-sheet operational Excel workbook designed for use under pressure: Severity Classification Matrix (P1/P2/P3/P4 with industry-specific examples + escalation thresholds), 6-Step Response Process (Detect → Contain → Assess → Notify → Remediate → Review with Status dropdown driving the live Dashboard), Regulator Directory (sorted by deadline urgency), 12 Communications Templates (4 severities × 3 audiences: Internal / Customer / Regulator), Evidence Collection Checklist (12 items × Status dropdown), Post-Incident Review framework (RCA 5-Whys + Fishbone categories + Lessons Learned + Corrective Actions Tracker), Live Incident Log Template (empty 10-row template for real-time use), Readme, and Dashboard with native dynamic radar (per-step) + doughnut (overall response readiness).
The output is anchored on the regulations that apply to AI deployments in ZA. The top frameworks cited:
Chapter 3 (Conditions 1–8) — Eight conditions for lawful processing • Section 26 — Processing of special personal information (health, biometric, child data) • Section 71 — Right to object to decisions based solely on automated processing • Section 22 — Notification to Information Regulator and data subjects
Electronic communications and cybersecurity baseline
Employers using AI in recruitment or employment decisions must ensure automated systems do not directly or indirectly discriminate on any ground listed in Section 6(1) EEA; must audit AI tools for discriminatory impact; and must ensure that final employment decisions remain subject to human review and can be explained to affected individuals and the Commission for Employment Equity.
Credit providers using AI for credit assessments must ensure automated models comply with Section 81 NCA affordability requirements; must not use AI to facilitate reckless credit granting; must provide applicants with reasons for adverse credit decisions; and must register with the National Credit Regulator (NCR), which has authority to audit algorithmic credit decision systems for discriminatory or reckless outcomes.
You describe your organisation, jurisdiction, industry, risk appetite, and the AI tools currently in use. The tool produces a complete, structured playbook tailored to those inputs — designed to be opened, classified, and acted upon during a real incident.
The Executive Summary Word document is a one-page sign-off artifact for board / leadership. The detailed Excel workbook is the working operational instrument: classify severity, work through the 6 steps, populate the live incident log, dispatch the right communications template per severity tier, collect evidence, conduct the post-incident RCA, and track corrective actions to closure. Both are AI-assisted drafting aids intended to accelerate review by qualified incident-response, data-protection, and sector-regulatory practitioners.
$49 · one-time — answer a 6-question intake (including jurisdiction = ZA), and download your tailored document immediately.
Generate Playbook →Also available framed for your sector → see industry-specific pages