SERVESSolo · Small · Mid-sized firms
FORMATFixed-fee · 1-8 wks
JURIS.50 states + DC
BOOKINGThrough July 2026
STATUSAccepting
IXSOR® EST 2026 · SINCE 2020 [ TEL ]919.901.0001SMS FILE NO. P / 2026
[ RESOURCE / PROMPT ]

Firm AI Policy Generator.

Generate a first-draft AI usage policy for a law firm, mapped to ABA Model Rules 1.1, 1.4, 1.6, 5.3, and 1.5. The output is a starting document for the firm to edit, not a final policy. Designed to satisfy the Rule 5.3 supervision-framework expectation that an AI-using firm has a written policy.

Use case:Rule 5.3 supervision documentation; firm-level AI governance; audit-defensible policy file Category:Governance & Templates Vendors:Claude, GPT-4, CoCounsel, Spellbook

Read this first

Use this resource with eyes open. IXSOR is not a law firm and this is not legal advice. The prompt produces structured output; you, the lawyer, make every judgment that follows and bear the responsibility for what reaches the court or the client. Verify every claim against primary sources. Cross-check against your jurisdiction’s rules and your specific situation before relying on it. Resources are written to be useful in general; they cannot account for your particular facts, ethics regime, client posture, or matter context. Full disclaimer below.

The prompt

Copy and paste this into your AI tool of choice. The prompt assumes you can attach or paste the input documents inline; substitute as needed for the tool’s interface.

You are a legal-AI governance specialist. The user will describe their law firm in structured form (size, practice areas, jurisdictions, tools currently in use). Your task is to produce a first-draft AI-usage policy for the firm, mapped to the relevant Model Rules of Professional Conduct.

The firm-description input fields the user will provide:
- Firm name
- Number of attorneys
- Number of non-attorney staff
- Practice areas
- Jurisdictions where the firm practises
- AI tools currently in use (or planned)
- Firm leadership structure (managing partner, executive committee, etc.)
- Existing technology-use policies (yes/no/partial)
- Particular constraints (insurance carrier requirements, client-imposed restrictions, etc.)

Produce the policy with these sections:

PREAMBLE
   One paragraph stating the firm's commitment to competent and ethical use of AI in legal practice.

SECTION 1: SCOPE AND DEFINITIONS
   - What "AI" and "generative AI" mean for the policy
   - Who the policy applies to (lawyers, paralegals, secretaries, contractors)
   - When the policy applies (any client-related work)

SECTION 2: APPROVED TOOLS
   - List of currently approved AI tools by category (legal-research, drafting, document-review, embedded-PMS, general-purpose)
   - Which tier of each approved tool is approved (consumer vs enterprise)
   - Process for proposing additions to the approved list
   - Process for removing tools

SECTION 3: COMPETENCE OBLIGATION (Rule 1.1)
   - Each attorney's individual obligation to be trained on each tool used
   - Training cadence (initial + quarterly)
   - Training documentation requirements
   - Process for situations where a tool changes materially

SECTION 4: CONFIDENTIALITY (Rule 1.6)
   - Categorical rules: what categories of client information may go into which tier of which tool
   - Mandatory redaction or anonymisation steps
   - Specific prohibition on consumer-tier AI for client documents
   - Vendor due-diligence requirements before any tool joins the approved list

SECTION 5: SUPERVISION (Rule 5.3)
   - Supervising attorney's obligations for non-attorney use of AI
   - Quality-control review of AI outputs before they leave the firm
   - Documentation of supervision

SECTION 6: COMMUNICATION WITH CLIENTS (Rule 1.4)
   - When AI use must be disclosed to the client
   - Form of disclosure (engagement letter, separate notice, oral)
   - Documentation of disclosure

SECTION 7: CANDOR TO THE TRIBUNAL (Rule 3.3)
   - Verification requirements before filing any AI-assisted document
   - Specific reference to the Mata v. Avianca standard
   - Process if AI-fabricated content is discovered post-filing

SECTION 8: FEES (Rule 1.5)
   - Treatment of AI savings under the firm's billing model (hourly, flat-fee, contingent)
   - Specific prohibition on billing time AI did
   - Disclosure of AI use as it relates to fees, where applicable

SECTION 9: DATA RETENTION
   - How long AI conversations and outputs are retained
   - Where they are stored
   - When and how they are deleted
   - Coordination with the firm's record-retention policy

SECTION 10: TRAINING
   - Required training for each role
   - Training records the firm maintains
   - Annual review

SECTION 11: ENFORCEMENT
   - Who is responsible for compliance
   - Reporting violations
   - Disciplinary process

SECTION 12: REVIEW AND AMENDMENT
   - Quarterly review schedule
   - Process for amending the policy

Constraints:
- The policy should be 8-15 pages of single-spaced text.
- Every reference to a Model Rule should cite the rule number and (if available) the relevant Comment.
- Where the firm's jurisdiction differs from the ABA Model Rules, note that the policy must be reviewed against the state's rules.
- Use plain English where possible; specialist legal language where necessary.
- Include placeholder text for jurisdiction-specific elements (e.g., "[STATE BAR OPINION REFERENCE]").

End the policy with:
- Effective date placeholder
- Amendment-history placeholder (table)
- Signature lines for the managing partner and ethics-counsel attorney

This is a FIRST DRAFT. The firm must review with its ethics counsel before adoption.

Input

Input format

The user provides the firm description as a structured list. The prompt’s output adapts to the inputs (firm size affects supervision depth; practice areas affect confidentiality concerns; jurisdiction affects which state-bar opinions are cited).

Expected output

Output format

A 12-section policy document of 8-15 pages, in plain text or markdown. The output is structured for direct copy-paste into a Word document, with placeholder fields clearly bracketed.

Verification — what the lawyer must do after

⚠ Risks and failure modes

  • Generic-policy risk: A policy generated from a general prompt may miss firm-specific concerns. Read the output critically and edit for the firm’s actual practice.
  • Jurisdiction-specific risk: The output uses ABA Model Rules. Several states have stricter rules (California, New York, Florida); these should be cross-referenced.
  • Stale-vendor risk: The approved-tools list reflects a moment in time. Without quarterly review, the policy will diverge from actual practice.
  • Compliance-theatre risk: A policy that exists but is not enforced is worse than no policy — it creates documented non-compliance. The enforcement section must be operative, not aspirational.

Vendor compatibility

Best on Claude or GPT-4 with a long context window. CoCounsel and Spellbook will produce defensible drafts with built-in legal-research overlay.

Citations and further reading