REPORT: The Frontline AI Gap – is AI reaching the frontline?

Read the report

How To Write An AI Usage Guide For Your Organization

As the use of AI at work continues to rise, the need for clear and concise guidance is more important than ever. Caitlin Aylward walks us through what should be included.

July 7 2026

Caitlin Aylward

External Contributor - Internal Comms & Engagement Expert

AI is everywhere. Whether you were an early adopter or you took a little longer to explore how it can level up your productivity, we can all agree that AI has moved beyond a passing trend. And as perspectives on AI usage in the workplace continue to evolve, many of us in the HR and internal comms communities are wondering how we can ensure its integration is as seamless as possible.

We’re only a few years beyond the introduction of AI, but it’s already fundamentally changing the way we work. Despite many office-based employees starting to incorporate AI into their daily work, a study from KPMG found that almost 60% admitted to hiding their use of it. Without the right guidance, support, and guardrails, people can feel unsure of what is – and what is not – permitted.

This is undoubtedly an age of opportunity when it comes to workplace tech usage. But such a rapid rise of AI in the workplace brings a pressing need for clarity, confidence, and trust.

We have a pivotal role to play in establishing and communicating clear guidance on AI adoption within our organizations. The good news is that 62% of workers in Europe view AI positively. And, even more encouragingly, 82% say they would be supportive of the introduction of clear usage guidance to help protect things like employee privacy.

So, whatever stage of the AI journey your organization is at, you’re unlikely to be preaching to the unconverted. People are proactively seeking out support and guidance, which is precisely what this blog post will help you create for your organization.

Section 1: Security & Ethics

The first section of your guide should clearly set out the “rules of play” for using AI at work. This is one of the most critical parts of any AI usage guide, as it sets clear boundaries that will protect both the organization and its employees.

Begin this section by educating people on the foundations of data privacy and AI. The “public park analogy” can be helpful here – whatever question or information you type into an AI prompt box, imagine yourself shouting it from the middle of a public park. It’s very rarely private.

Be very clear on what your organization does not want employees to feed into an AI assistant, such as:

  • Personal information about employees or customers that could cause a GDPR breach.
  • Unreleased financial information.
  • Sensitive strategy decks.
  • Intellectual property, such as proprietary code.

Finally, include an acknowledgement of the ethical use of AI within this section. It’s not uncommon for AI to become an echo chamber that simply reflects our biases, so be sure to emphasize the importance of human accountability and making professional judgments – regardless of AI outputs.

Section 2: Traffic Light Framework

A “traffic light framework” can be a helpful addition to your AI usage guide. The framework aims to help employees categorize their tasks and consider the appropriateness of the use of AI. The EU AI Act can be a handy resource to give you a rough framework when considering what type of tasks you should list under each category.

Here’s an example:

Green (Yes): Low-risk tasks like summarizing a public report or article, creating generic templates or resources, checking grammar, or turning an already-published policy update into a set of talking points.

Orange (Caution): Medium-risk tasks that will require a mandatory “human review,” such as analyzing anonymized data or drafting internal content.

Red (No): High-risk tasks for which your organization does not permit the use of AI, like uploading legal contracts, screening that leads to “hiring or firing” decisions, or anything involving a customer’s personal data.

Section 3: Tools & Integrations

The next part of your guide should define your organization’s “official stack” of approved AI-related tools that have been vetted and cleared for use.

This section doesn’t have to be long, but should clearly set out your approved list of AI tools and assistants, such as Microsoft Copilot, Enterprise ChatGPT, Workvivo AI, etc. It should also include the process that employees will need to follow if they wish to suggest access to a new AI tool that isn’t on the approved list yet.

Section 4: Disclosure & Reporting

Building and maintaining trust is central to a positive employee experience, so this section should set out your official process or policy for when and how an employee needs to disclose or report something in relation to their use of AI.

Consider whether your organization wants to introduce a policy that requires employees to disclose when AI has helped generate a piece of work, such as a presentation or report.

Perhaps employees will need to add a disclaimer to AI-generated images, or maybe you’ll add a specific company-approved statement for employees to add to the top of any long-form content that’s been produced by AI.

This section should also outline the process that an employee should follow if they need to report a breach or risk associated with AI usage. Honesty and transparency are key, and being clear on the reporting process will support a culture of learning by encouraging employees to report any slip-ups.

Be sure to mention the escalation process, and ideally include a point of contact who employees can reach out to.

Final considerations for your guide

Pinning down your content for each of these four sections will have you well on the way to launching a comprehensive AI usage guide.

It’s important to set a regular schedule for reviewing and updating the document. AI is changing constantly, and employees need to feel confident that the guide is relevant and up to date.

Consider committing to a set cadence for reviewing and refreshing the guide at regular intervals, such as quarterly.

Once your guide is complete, think about hosting a formal review period and/or soft launch with key stakeholders, which will likely include colleagues in IT and risk, any employee tech champions, HR Business Partners, and union representatives. The aim is not to slow down the process or create unnecessary barriers, but to ensure the guide is as impactful as possible while building a group of advocates.

Finally, think about your communications plan to launch the guide.

Team leader briefings should always precede the company-wide launch to make sure managers feel equipped to answer questions from their team members. Live Q&As, drop-in sessions, and interactive e-learning opportunities can all be great ways to launch and embed the new guide, on top of a rolling content plan of hints and tips for safe and effective AI usage.

CTA (31).png

 

Authors:

Caitlin Aylward

External Contributor - Internal Comms & Engagement Expert