Ask.School is an AI-powered parent communication platform for UK schools, built with safeguarding and KCSIE compliance at its core. As AI tools become more common in education, school leaders face a practical challenge: how to ensure that every tool in use meets the requirements of Keeping Children Safe in Education (KCSIE). The statutory guidance is clear on filtering, monitoring, safer recruitment and child-on-child abuse, but it does not mention AI tools by name. That leaves schools to interpret and apply the guidance themselves.

Ask.School has mapped the specific KCSIE 2025 requirements to what schools should expect from any AI tool, whether it is a chatbot, a homework helper, a communication platform or an administrative automation tool. It includes specific section references, practical checklists and a framework for evaluating AI products against the statutory requirements. For a broader introduction to how KCSIE applies to AI, see the companion post on what KCSIE means for AI tools in schools.

Why does KCSIE apply to AI tools at all?

KCSIE is technology-neutral. It does not prescribe specific systems or platforms. Instead, it sets out duties that apply to all aspects of a school’s operations, including any technology that children, parents or staff interact with. When a school introduces an AI tool, the duties in KCSIE do not change. The school must still ensure appropriate filtering and monitoring, still maintain safeguarding oversight and still protect children from harm.

The challenge is that AI tools introduce new risks that traditional technology does not. A static website cannot generate inappropriate content in response to a child’s question. An AI chatbot can. A traditional phone system does not process natural language in ways that might miss a safeguarding disclosure. An AI communication platform might. These differences mean that schools need to think carefully about how their existing KCSIE compliance framework applies to AI, and whether additional measures are needed.

This is not about creating new requirements. It is about applying existing requirements to a new category of technology. Schools that already have robust KCSIE compliance processes will find that much of the groundwork is done. The task is to extend those processes to cover AI tools specifically.

What does Part 2 of KCSIE require for filtering and monitoring?

Part 2 of KCSIE 2025 sets out the management of safeguarding in schools, including specific requirements for filtering and monitoring systems. Paragraphs 141 to 148 are particularly relevant when considering AI tools.

Filtering requirements

KCSIE requires that schools have appropriate filtering systems in place to limit children’s exposure to harmful content online. For AI tools, filtering takes on additional complexity because the content is generated dynamically rather than retrieved from a fixed source.

When evaluating an AI tool against KCSIE Part 2 filtering requirements, schools should consider:

  • Content generation controls: Does the AI tool restrict the content it can generate? A tool that draws only from a school-approved knowledge base is fundamentally different from one that can generate arbitrary text on any topic. Ask.School’s guardrails documentation details how content restrictions are configured.
  • Harmful content prevention: Can the tool generate content related to self-harm, abuse, exploitation, radicalisation or other harmful topics? If it can, what controls prevent this?
  • Age-appropriate responses: Are the tool’s responses calibrated for the age group using it? A response appropriate for a sixth-former may not be appropriate for a Year 3 pupil.
  • Dynamic filtering: Unlike a static blocklist, AI content filtering needs to work in real time on generated content. The tool should assess its own outputs before presenting them to users.
  • Bypass resistance: Can users manipulate the AI into generating harmful content through creative prompting? This is a well-documented risk with general-purpose AI tools and one that education-specific products should explicitly address.

The UK Safer Internet Centre provides guidance on filtering standards that schools can reference when evaluating AI tools. The key principle is that any system accessible to children must be filtered to the same standard as the school network.

Monitoring requirements

Paragraphs 143 to 146 of KCSIE require schools to have monitoring systems that identify children who may be at risk. For AI tools, monitoring means logging and reviewing the interactions that take place.

Effective monitoring of AI tools requires:

  • Conversation logging: Every interaction should be recorded and available for review by authorised staff. This is not optional. Without conversation logs, the school cannot demonstrate that it is monitoring the tool.
  • Automated flagging: Given the volume of interactions an AI tool may handle, manual review of every conversation is impractical. The tool should automatically flag interactions that may indicate a safeguarding concern, including disclosures of abuse, references to self-harm, bullying language and other indicators. Ask.School’s safeguarding alerts documentation explains how this works in practice.
  • Escalation pathways: When a concerning interaction is flagged, there must be a clear process for escalating it to the designated safeguarding lead (DSL). The tool should integrate with the school’s existing safeguarding workflow rather than creating a parallel process.
  • Review capability: Safeguarding staff should be able to search and review conversation logs, not just respond to automated alerts. This allows for retrospective review and pattern identification — the conversation monitoring guide shows how Ask.School provides this capability.
  • Retention and access: Conversation logs should be retained in line with the school’s data retention policy and accessible for inspection purposes.

For a detailed explanation of how automated safeguarding monitoring works in AI tools, see the guide on how AI safeguarding monitoring works in schools.

Who is responsible for filtering and monitoring?

KCSIE paragraph 142 states that the governing body or proprietors should ensure appropriate filtering and monitoring systems are in place. This means that responsibility for ensuring AI tools meet filtering and monitoring standards sits with school leadership, not with the IT department alone.

In practice, this means:

  • Governors should be satisfied that AI tools have been assessed for filtering and monitoring adequacy
  • The headteacher should ensure that AI tools are included in the school’s filtering and monitoring framework
  • The DSL should understand how safeguarding concerns are flagged and escalated within AI tools
  • IT staff should manage the technical implementation and ensure monitoring systems are functioning
  • All staff should know how to report concerns about AI tool outputs through the school’s normal safeguarding channels

This shared responsibility model mirrors the approach KCSIE takes to online safety more broadly. It recognises that safeguarding is a whole-school responsibility, not a task that can be delegated to a single individual or department.

How does Part 3 of KCSIE relate to AI procurement?

Part 3 of KCSIE deals with safer recruitment. While this is primarily about recruiting staff and volunteers, the principles it establishes are directly relevant to how schools procure AI tools. The underlying purpose of Part 3 is to prevent people who pose a risk to children from gaining access to them. AI procurement decisions serve the same gatekeeping function: they determine what technology children will interact with.

Due diligence in AI procurement

When a school procures an AI tool, it is effectively granting that tool access to its community. Parents, pupils and staff will interact with it. The school has a duty to ensure that this interaction is safe, just as it has a duty to ensure that the people working in the school are safe.

Due diligence for AI procurement should include:

Area Questions to Ask KCSIE Alignment
Safeguarding design Was the product designed for education? Does it include safeguarding controls? Part 2, para 141-148
Content safety What content can the tool generate? What prevents harmful content? Part 2, para 141-142
Data handling Where is data stored? Who can access it? What is the retention policy? Part 2, para 138-140
Monitoring capability Does the tool log interactions? Can it flag safeguarding concerns? Part 2, para 143-146
Vendor background Who built the tool? What is their track record in education? Part 3 principles
Regulatory compliance Does the tool meet the Generative AI Product Safety Standards? DfE guidance
Ongoing review How is the tool updated? How are new risks addressed? Part 2, para 147-148

The procurement checklist

Schools should treat AI procurement with the same rigour they apply to any decision that affects child safety. A formal procurement process for AI tools might include the following steps:

  1. Identify the need: What problem does the AI tool solve? Is AI the right approach?
  2. Market assessment: What products are available? Which are designed for education?
  3. Safeguarding review: Does the tool meet KCSIE filtering and monitoring requirements?
  4. Data protection impact assessment (DPIA): Required under GDPR for any processing likely to result in a high risk to individuals. AI tools processing children’s data will almost certainly require a DPIA.
  5. Safety standards check: Does the tool meet the Generative AI Product Safety Standards?
  6. Pilot and evaluation: Test the tool in a controlled environment before full deployment.
  7. Governance approval: Present the assessment to governors for approval, documenting the rationale.
  8. Staff training: Ensure all relevant staff understand the tool and the safeguarding controls in place.
  9. Ongoing review: Schedule regular reviews to ensure the tool continues to meet requirements.

This process may seem onerous for a single software purchase, but the principle is sound: any tool that children interact with deserves the same level of scrutiny as any adult who works with them. The depth of the process can be proportionate to the level of interaction — an AI tool used only by office staff for internal administration carries different risks from one that interacts directly with pupils.

What does Part 5 of KCSIE say about child-on-child abuse and AI?

Part 5 of KCSIE addresses child-on-child abuse, recognising that children can abuse other children and that schools must have systems to prevent, identify and respond to this. AI tools create new contexts in which child-on-child abuse might occur or be disclosed, and schools need to consider both.

AI as a context for child-on-child abuse

If an AI tool allows children to communicate or share content, it can become a venue for bullying, harassment or other forms of child-on-child abuse. This is most relevant for AI tools that include:

  • Chat or messaging features: Any tool that allows pupils to send messages to each other, even if AI-mediated, creates a potential context for abuse.
  • Collaborative features: Tools that allow pupils to work together through an AI platform may expose children to peer abuse.
  • Content generation: If pupils can use an AI tool to generate content about other pupils, this creates a risk of AI-facilitated bullying or image-based abuse.

Schools should assess each AI tool for these risks and ensure that appropriate safeguards are in place. This includes content moderation, reporting mechanisms and clear policies on acceptable use.

AI as a detection mechanism for child-on-child abuse

AI tools can also play a positive role in identifying child-on-child abuse. If a tool processes natural language interactions involving children, it may detect indicators of abuse that would otherwise go unnoticed. This includes:

  • Disclosures: A child may disclose abuse to an AI chatbot, particularly if they feel unable to speak to an adult. The tool should recognise disclosures and escalate them immediately.
  • Language patterns: AI can identify language patterns associated with bullying, coercion or distress. Automated monitoring can flag these for human review.
  • Behavioural changes: If a child’s interaction patterns change significantly — for example, they become withdrawn or their language becomes aggressive — this may indicate a safeguarding concern.

The key requirement is that any detection mechanism must be connected to the school’s safeguarding process. Detecting a potential concern is only useful if it reaches the DSL and triggers an appropriate response.

Balancing detection with privacy

Schools must balance the duty to detect child-on-child abuse with children’s right to privacy. KCSIE does not require schools to monitor every word a child types, but it does require systems that can identify when a child may be at risk. AI monitoring should be proportionate, targeted and transparent:

  • Proportionate: Monitor for specific indicators of harm rather than conducting blanket surveillance of all communications.
  • Targeted: Focus monitoring on interactions that carry higher risk, such as those involving vulnerable children or those flagged by automated systems.
  • Transparent: Children, parents and staff should know that AI interactions are monitored for safeguarding purposes. This should be included in the school’s acceptable use policy and privacy notice.

The ICO’s Children’s Code provides additional guidance on balancing safeguarding with children’s privacy rights, and schools should consider this alongside KCSIE when designing their monitoring approach.

How should schools evaluate AI tools against KCSIE?

The following framework provides a structured approach to evaluating any AI tool against KCSIE requirements. It is designed to be used by the DSL, IT lead or whoever is responsible for assessing new technology in the school.

Evaluation framework

Section 1: Filtering (KCSIE Part 2, paragraphs 141-142)

Requirement Evidence Required Met?
The tool prevents generation of harmful content Documentation of content filtering approach; testing results
Content is age-appropriate for the intended users Evidence of age-appropriate design; testing with relevant age groups
The tool cannot be manipulated to bypass filters Documentation of adversarial testing; evidence of prompt injection defences
Filtering is updated to address emerging risks Evidence of ongoing content safety work; update schedule
The tool meets the filtering standards set by the school’s existing framework Comparison with school’s filtering policy; gap analysis

Section 2: Monitoring (KCSIE Part 2, paragraphs 143-146)

Requirement Evidence Required Met?
All interactions are logged Access to conversation logs; demonstration of logging system
Safeguarding concerns are automatically flagged Documentation of flagging criteria; demonstration of alert system
Flagged concerns are escalated to the DSL Evidence of escalation pathway; integration with school safeguarding workflow
Authorised staff can search and review logs Demonstration of search and review functionality
Logs are retained in line with school policy Documentation of retention policy; evidence of compliance

Section 3: Safeguarding oversight (KCSIE Part 2, paragraphs 147-148)

Requirement Evidence Required Met?
A named individual has oversight of the tool Documented role and responsibilities
The tool is included in the school’s safeguarding policy Updated safeguarding policy referencing the tool
Governors have approved the tool’s deployment Minutes of governors’ meeting; documented rationale
Staff have been trained on the tool and its safeguards Training records; briefing materials
The tool is reviewed at regular intervals Review schedule; evidence of previous reviews

Section 4: Data protection (KCSIE Part 2, paragraphs 138-140)

Requirement Evidence Required Met?
A DPIA has been completed Completed DPIA document
Data is processed lawfully under GDPR Identified lawful basis; privacy notice updated
Data is stored in the UK or an adequate jurisdiction Documentation of data storage location
Data sharing agreements are in place Signed data processing agreement
Data is retained only as long as necessary Documented retention periods; deletion schedule

Section 5: Child-on-child abuse prevention (KCSIE Part 5)

Requirement Evidence Required Met?
The tool cannot be used to facilitate peer abuse Assessment of abuse vectors; documentation of controls
The tool can detect potential abuse indicators Documentation of detection capabilities; demonstration
Detection is connected to the school’s safeguarding process Evidence of integration with existing workflows
Children are informed that interactions are monitored Acceptable use policy; privacy notice
The tool supports the school’s anti-bullying policy Assessment against existing policy; documented alignment

Section 6: AI Product Safety Standards (DfE guidance)

Requirement Evidence Required Met?
The tool meets the Generative AI Product Safety Standards Vendor’s compliance statement; independent assessment
Safety is built in by design, not bolted on Evidence of safety-first architecture; design documentation
The tool does not anthropomorphise the AI Review of user interface; assessment of conversational behaviour
Progressive disclosure is implemented where appropriate Demonstration of how the tool presents information
The vendor has a responsible disclosure process Documentation of vulnerability reporting process

For a complete breakdown of the AI Product Safety Standards, see the guide on what schools need to know about the Generative AI Product Safety Standards.

What are the common gaps schools find when auditing AI tools?

Based on the experience of schools that have gone through this evaluation process, several common gaps tend to emerge. Knowing about these in advance helps schools ask the right questions during procurement.

Gap 1: No conversation logging

Many general-purpose AI tools do not provide conversation logs to the school. The interactions happen on the vendor’s platform, and the school has no way to review what was said. This is a fundamental failure to meet KCSIE monitoring requirements. If the school cannot review interactions, it cannot monitor for safeguarding concerns.

What to look for: A tool that provides the school with full access to conversation logs, searchable by date, user and content. The logs should be accessible to authorised staff without requiring the vendor’s involvement.

Gap 2: No automated safeguarding flagging

Some tools log conversations but rely entirely on manual review to identify concerns. Given the volume of interactions an AI tool can handle, this is not practical. Manual review should supplement automated flagging, not replace it.

What to look for: A tool that automatically identifies potential safeguarding concerns using keyword detection, sentiment analysis or pattern recognition, and escalates these to the DSL through the school’s existing safeguarding channels.

Gap 3: Consumer-grade content filtering

General-purpose AI tools typically use content filters designed for adult consumers. These filters may catch the most obviously harmful content but are not calibrated for children. They may allow content that is inappropriate for a school setting but not harmful enough to trigger a consumer-grade filter.

What to look for: A tool with education-specific content filtering that is calibrated for the age group using it. The tool should be able to demonstrate that its filters have been tested against the types of content that KCSIE identifies as harmful.

Gap 4: No integration with school safeguarding processes

Some AI tools have their own internal flagging or moderation systems, but these operate in isolation from the school’s safeguarding workflow. A flag that sits in a vendor dashboard that nobody checks is not an effective safeguard.

What to look for: A tool that integrates with the school’s existing safeguarding process, whether that means sending alerts via email, integrating with the school’s safeguarding software (such as CPOMS or MyConcern) or providing a dashboard that the DSL checks as part of their routine.

Gap 5: No evidence for governors

Governors need to be satisfied that AI tools meet KCSIE requirements, but many vendors do not provide documentation in a format that is useful for governance purposes. A technical white paper may satisfy the IT team but not the governing body.

What to look for: A vendor that provides clear, non-technical documentation of how their product meets KCSIE requirements, suitable for presentation to governors. This should include a compliance statement, a summary of safeguarding controls and evidence of ongoing review.

See Ask.School’s safeguarding features at ask.school/safeguarding for an example of how an education-specific AI platform addresses each of these areas.

How should the DSL’s role adapt for AI tools?

KCSIE places the DSL at the centre of a school’s safeguarding framework. As AI tools become part of the school’s technology landscape, the DSL’s role needs to expand to include oversight of these tools. This does not mean the DSL needs to become a technical expert, but they do need to understand the safeguarding implications and have confidence that appropriate controls are in place.

What the DSL needs to know about each AI tool

For every AI tool in use in the school, the DSL should be able to answer:

  1. What does the tool do? A clear understanding of the tool’s purpose and how it interacts with children, parents or staff.
  2. What safeguarding controls does it have? Content filtering, monitoring, flagging and escalation capabilities.
  3. How are concerns escalated? The process by which a flagged concern reaches the DSL and what happens next.
  4. Where are the logs? How to access conversation logs and what they contain.
  5. Who else has oversight? Whether the IT team, senior leaders or governors are also involved in monitoring the tool.
  6. When was it last reviewed? The date of the most recent review and what it found.

This information should be documented and readily accessible. If the DSL is asked about AI tools during an Ofsted inspection, they should be able to provide clear, confident answers. For more on preparing for inspection questions about AI, see the guide on how to answer Ofsted questions about AI in your school.

Integrating AI oversight into existing DSL routines

The DSL’s oversight of AI tools should not be a separate, additional task. It should be integrated into their existing routine:

  • Daily: Check for any safeguarding alerts from AI tools, alongside alerts from other monitoring systems.
  • Weekly: Review a sample of flagged conversations to ensure the automated system is working correctly and to identify any trends.
  • Termly: Conduct a formal review of each AI tool’s safeguarding performance, including the number and nature of flagged concerns, any false positives or negatives and whether any changes to the tool’s configuration are needed.
  • Annually: Include AI tools in the school’s annual safeguarding audit and update the safeguarding policy accordingly.

This mirrors the approach KCSIE takes to online safety oversight more broadly. The DSL is not expected to monitor every interaction personally, but they are expected to have systems in place that identify concerns and to respond appropriately when concerns arise.

What should a school’s AI acceptable use policy include?

KCSIE requires schools to have an acceptable use policy (AUP) that covers technology use. When AI tools are introduced, the AUP should be updated to include them. A comprehensive AI section in the AUP might include:

For pupils

  • Which AI tools are approved for use in school
  • How AI tools should and should not be used
  • That all interactions with AI tools are monitored for safeguarding purposes
  • How to report concerns about AI tool outputs
  • That attempting to bypass content filters or manipulate AI tools is a breach of the AUP
  • That AI-generated content must be identified as such in schoolwork

For staff

  • Which AI tools are approved for professional use
  • How to use AI tools in line with GDPR and the school’s data protection policy
  • How to report concerns about AI tool outputs or behaviour
  • That staff should not enter sensitive or personal information into AI tools unless the tool has been approved for that purpose
  • Responsibilities for monitoring AI tools within their area

For parents

  • Which AI tools the school uses and why
  • How the school ensures AI tools are safe and appropriate
  • That interactions are monitored for safeguarding purposes
  • How parents can raise concerns about AI tool use
  • Guidance on AI tool use at home, where relevant

The AUP should be reviewed whenever new AI tools are introduced and at least annually as part of the school’s policy review cycle.

How do Multi-Academy Trusts approach KCSIE compliance for AI?

Multi-Academy Trusts (MATs) face additional complexity when ensuring KCSIE compliance for AI tools. With multiple schools, potentially different AI tools in use across the trust, and a central governance structure, MATs need a coordinated approach.

Trust-level considerations

  • Centralised procurement: MATs may benefit from procuring AI tools centrally, ensuring that all schools in the trust use tools that have been assessed against KCSIE requirements. This avoids the risk of individual schools adopting tools that have not been properly evaluated.
  • Consistent policies: The trust’s safeguarding policy should include a framework for AI tool use that applies across all schools. Individual schools can adapt this for their specific context, but the core requirements should be consistent.
  • Shared monitoring: Some MATs may choose to have a central team that monitors AI tool use across the trust, supplementing the monitoring carried out by individual school DSLs. This can help identify trends and share learning across schools.
  • Governance oversight: The trust board should receive regular reports on AI tool use and safeguarding performance across the trust. This ensures that governance oversight exists at trust level as well as at individual school level.
  • Training consistency: Staff training on AI tools and KCSIE requirements should be consistent across the trust. This is particularly important for staff who move between schools within the trust.

Practical steps for MATs

  1. Audit existing AI tool use: Survey all schools in the trust to identify which AI tools are currently in use, whether they have been formally assessed and whether they meet KCSIE requirements.
  2. Develop a trust-wide AI policy: Create a policy framework that sets minimum standards for AI tools across the trust, aligned with KCSIE requirements.
  3. Centralise procurement where possible: Negotiate trust-wide agreements with approved vendors, ensuring consistent safeguarding standards.
  4. Appoint a trust-level AI lead: Designate someone at trust level to coordinate AI strategy, procurement and compliance across schools.
  5. Share learning: Create mechanisms for schools to share their experiences of AI tools, including what works well and where concerns have arisen.

What records should schools keep to demonstrate KCSIE compliance for AI?

If the school is inspected or if a safeguarding concern arises, the school needs to be able to demonstrate that its AI tools meet KCSIE requirements. This requires maintaining clear records.

Essential records

  • AI tool register: A list of all AI tools in use, including what they do, who approved them, when they were last reviewed and what safeguarding controls are in place.
  • Evaluation documentation: The completed evaluation checklist for each tool, including evidence of how each KCSIE requirement is met.
  • DPIA: A data protection impact assessment for each AI tool that processes personal data.
  • Safeguarding policy: The current safeguarding policy, updated to reference AI tools.
  • Acceptable use policy: The current AUP, updated to cover AI tool use for pupils, staff and parents.
  • Training records: Evidence that staff have been trained on AI tools and the associated safeguarding controls.
  • Monitoring logs: Access to conversation logs and records of safeguarding concerns flagged by AI tools.
  • Governors’ minutes: Minutes of governors’ meetings at which AI tools were discussed and approved.
  • Review records: Documentation of periodic reviews of AI tools, including findings and any actions taken.

How long to keep records

Records should be retained in line with the school’s general data retention policy. As a minimum:

  • Safeguarding records: Retain for the duration of the child’s time at the school plus a period after leaving, in line with local authority guidance.
  • Conversation logs: Retain in line with the school’s data retention schedule, typically for the academic year plus a period to allow for any safeguarding investigations.
  • Evaluation and procurement records: Retain for the life of the contract plus a period after the tool is decommissioned.
  • Training records: Retain for the current academic year plus three years, or in line with the school’s HR records policy.

How can schools stay current as KCSIE evolves?

KCSIE is updated annually, and the DfE has signalled that future versions will include more specific guidance on AI. Schools that have established a robust framework for evaluating AI tools against KCSIE will be well placed to adapt as the guidance evolves.

Practical steps for staying current

  • Monitor DfE updates: Subscribe to DfE email updates and monitor the KCSIE page for changes. The annual update is typically published in the summer term for implementation from September.
  • Review the AI Product Safety Standards: The Generative AI Product Safety Standards are likely to be updated as the technology matures. Schools should review their AI tools against any updated standards.
  • Engage with sector bodies: Organisations such as the UK Safer Internet Centre, NSPCC and South West Grid for Learning (SWGfL) provide guidance on online safety in education that is regularly updated.
  • Review vendor compliance: When KCSIE or the AI Product Safety Standards are updated, ask your AI tool vendors to confirm that their products continue to meet the requirements. A vendor that is proactive about compliance updates is a positive sign.
  • Share learning across the sector: Schools benefit from hearing how others are approaching KCSIE compliance for AI. Professional networks, MAT forums and local authority briefings can all be valuable sources of practical insight.

Schools may also find it helpful to keep parents informed about how the school uses AI safely. For guidance on communicating online safety to families, see the post on keeping students safe online: what schools should share with parents.

A summary checklist for school leaders

The following checklist summarises the key actions for school leaders who want to ensure their AI tools meet KCSIE requirements. It is designed to be used as a practical tool, not as a comprehensive audit framework.

KCSIE AI Compliance Quick Checklist

Filtering (Part 2, paras 141-142)

  • ☐ AI tools have education-specific content filtering
  • ☐ Filtering is age-appropriate for intended users
  • ☐ Tools have been tested for filter bypass resistance
  • ☐ Filtering is reviewed and updated regularly

Monitoring (Part 2, paras 143-146)

  • ☐ All AI interactions are logged
  • ☐ Automated safeguarding flagging is in place
  • ☐ Flagged concerns are escalated to the DSL
  • ☐ Authorised staff can search and review logs

Oversight (Part 2, paras 147-148)

  • ☐ A named individual has oversight of each AI tool
  • ☐ AI tools are referenced in the safeguarding policy
  • ☐ Governors have approved AI tool deployment
  • ☐ Staff have been trained
  • ☐ Tools are reviewed at least annually

Data protection (GDPR / Part 2, paras 138-140)

  • ☐ A DPIA has been completed for each AI tool
  • ☐ Data processing agreements are in place
  • ☐ Data storage meets UK requirements

Child-on-child abuse (Part 5)

  • ☐ AI tools have been assessed for abuse facilitation risk
  • ☐ Detection mechanisms are connected to safeguarding processes
  • ☐ Monitoring is proportionate, targeted and transparent

AI Product Safety Standards (DfE guidance)

  • ☐ AI tools meet the Generative AI Product Safety Standards
  • ☐ Vendor has provided a compliance statement

Records

  • ☐ AI tool register is maintained
  • ☐ Evaluation documentation is filed
  • ☐ Training records are up to date

What should schools do next?

Schools that have not yet evaluated their AI tools against KCSIE requirements should start with the audit: identify which AI tools are in use, complete the evaluation framework for each one and address any gaps. Schools that have already done this work should ensure that their processes include regular review, particularly when KCSIE is updated each year.

The underlying principle is straightforward. KCSIE requires schools to keep children safe, including from risks associated with technology. AI tools are technology. The same duties apply. Schools that approach AI tools with the same rigour they apply to any other safeguarding decision will meet their obligations and protect their communities.

For schools looking for an AI communication platform that is built to meet these requirements, Ask.School provides safeguarding guardrails, content filtering, conversation logging and automated concern escalation as standard. Every feature is designed with KCSIE compliance in mind, so that schools can adopt AI with confidence.