AI Ethics for SMEs: One-Page Policy Workshop

What it covers

This half-day workshop guides founders and HR leads through the core principles of responsible AI use in small businesses, translating abstract ethics into a concrete one-page policy. Participants draft their own do/don't lists, disclosure language for clients, and a lightweight review cadence. The format combines short concept bursts with live template customisation, so every attendee walks away with a document ready to share — not a slide deck to forget. No technical background is required.

What you'll be able to do

• Draft a one-page AI usage policy tailored to your organisation's specific tools and context
• Write clear client-facing disclosure language that meets transparency expectations
• Identify the top five AI-related risks relevant to your business size and sector
• Set up a simple quarterly review process to keep the policy current as AI tools evolve
• Communicate the policy internally so employees know what is and is not permitted

Topics covered

• Core AI ethics principles adapted for SME context
• Building a practical do/don't list for AI tool usage
• Client-facing disclosure language and transparency obligations
• GDPR touchpoints relevant to AI use in small businesses
• Setting a lightweight AI policy review cadence
• Handling employee concerns and internal communication
• Customising the one-page policy template to your business

Delivery

Delivered live, either in-person or via video conferencing (Zoom/Teams). Materials include a facilitated slide deck, a one-page policy template in Word and Google Docs format, and a reference card of key GDPR touchpoints. The session is approximately 70% hands-on customisation and discussion, 30% facilitated content. A follow-up async review slot of 30 minutes can be offered one week later to answer questions after participants have shared the draft internally.

What makes it work

• Involving both a founder and at least one frontline employee in the drafting session to ensure buy-in at both levels
• Anchoring the policy to specific tools already in use rather than hypothetical future scenarios
• Publishing the policy in a shared, version-controlled location (Notion, Google Drive) so everyone can find it
• Setting a calendar reminder for the first review at the end of the session, before the momentum fades

Common mistakes

• Copying a large-enterprise AI policy verbatim — the language becomes unenforceable and irrelevant for teams of five
• Treating ethics as a one-time checkbox rather than scheduling a regular review as tools change
• Forgetting client-facing disclosure entirely until a customer asks how their data was handled
• Focusing only on ChatGPT while ignoring AI embedded in CRMs, hiring tools, and accounting software already in use

Providers to consider

• OpenClassroomsopenclassrooms.com →
• Jedha Bootcampjedha.co →
• DataScientestdatascientest.com →
• LinkedIn Learningwww.linkedin.com/learning →

Sources

• EU AI Act — SME Guide, European Commission →
• CNIL — Recommandations sur les systèmes d'IA →