This protocol defines the procedures to be followed when an AI system incident occurs — whether a technical malfunction, harmful output, security breach, data breach, or ethical violation. The protocol aims for rapid containment, effective remediation, and systematic learning. It applies to all AI systems across the Minthar Holdings ecosystem.
Incidents are classified into four levels: Severity 1 (Critical) — actual or potential harm to individuals, large-scale data breach, serious regulatory violation, outputs causing public harm; Severity 2 (High) — discriminatory decisions affecting a group of individuals, system failure affecting critical business operations; Severity 3 (Medium) — degraded performance affecting service quality, inaccurate outputs requiring correction; Severity 4 (Low) — minor errors not affecting decisions or individuals.
Upon a critical incident: Immediate Containment — shut down the causing system within 30 minutes of detection; Notification — inform the CEO, Chief AI Officer, and Legal Counsel immediately; Assessment — a pre-designated response team begins assessment within one hour; Regulatory — notify SDAIA within 72 hours where personal data breach is involved; Communication — statement to affected parties within 24 hours; Remediation — approved remediation plan before system restart.
Severity 2: notify Ethics Committee and Chief AI Officer within 4 hours; assess and remediate within 48 hours; consider temporary system suspension pending remediation. Severity 3: notify Chief AI Officer within 24 hours; remediation plan within 5 business days; continue system operation with enhanced monitoring. Severity 4: log in incident register; present in monthly periodic report; remediate within normal maintenance cycle.
Minthar Holdings commits to notification per the following frameworks: SDAIA — within 72 hours upon breach of personal data processed by AI per the PDPL; National Cybersecurity Authority — upon occurrence of a cyber incident related to AI systems; Affected parties — within 24-72 hours depending on severity of direct impact; Board of Directors — immediate notification for critical incidents and monthly report for others.
The containment process follows structured steps: Isolation — separate the affected system from other systems to prevent spread; Preservation — secure evidence and logs for investigation and regulatory compliance; Analysis — identify root cause using a structured analysis methodology; Remediation — develop and test the fix; Verification — comprehensive testing before redeployment; Documentation — complete recording of the incident and actions taken.
All critical and high-risk AI systems are equipped with: Immediate Rollback — ability to revert to the previous stable version within minutes; Circuit Breaker — automatic shutdown mechanism when pre-defined error thresholds are exceeded; Fallback Mode — reversion to manual operations or alternative systems when necessary. These mechanisms are tested quarterly.
After every Severity 1 or 2 incident, a comprehensive review is conducted within 10 business days covering: complete incident timeline; root cause analysis; evaluation of response effectiveness; lessons learned; recommendations to prevent recurrence; required policy or procedure updates. Review findings are shared with the Ethics Committee and Board.
Minthar Holdings maintains pre-approved communication templates for incidents: urgent internal statement for employees; client and affected party notification; press statement (for critical incidents requiring public disclosure); regulatory authority notification; follow-up updates. Templates are reviewed annually and updated upon regulatory requirement changes. Available in both Arabic and English.