Schools across England are looking for clear direction on AI policy. The Department for Education has published guidance, training modules, and product safety standards — but none of these give schools an operational policy they can adopt. This article sets out what the DfE has actually published, what it expects schools to do, and where the gaps remain.

What the DfE has published so far

As of March 2026, the DfE has released several resources that touch on artificial intelligence in schools. Each addresses a different aspect, but none provides a complete, adoptable policy framework.

Generative AI in education guidance (updated August 2025)

The DfE's headline document on AI in education sets out high-level principles for how schools, colleges, and trusts should approach generative AI. It covers safety considerations, data protection obligations, and the importance of professional judgement. However, it is a guidance document, not a policy template. It tells schools what to think about, not what to write in their policies.

Safe Use training modules

The DfE has published online training modules designed to raise staff awareness of AI tools and their implications. These are useful for building foundational understanding, but they operate at an awareness level. They do not translate into the operational policies, acceptable use agreements, or assessment integrity procedures that schools need to have in place.

Product safety standards (January 2026)

In January 2026, the DfE published safety standards for AI products used in education. These are aimed primarily at technology suppliers and developers, setting expectations for how AI tools should behave when deployed in educational settings. They are not school-operational documents — they do not help a school write its own staff acceptable use policy or assessment integrity procedures.

SLT Briefing Pack on AI and Coursework Integrity (March 2026)

On 9 March 2026, the DfE released a briefing pack for senior leadership teams addressing AI and coursework integrity. This is a useful resource for understanding the assessment integrity challenge, but it is a briefing document rather than a policy template. It highlights the issue without providing the operational documents schools need to address it.

Ofqual coursework resources (March 2026)

Ofqual published resources in March 2026 focused specifically on AI and assessed work. These address the narrow question of how AI affects the integrity of coursework and controlled assessments. They are important but limited in scope — they do not cover staff use of AI, safeguarding, data protection, or broader governance.

The key point: no official policy template pack

Despite this growing body of guidance, there is no official DfE school AI policy template pack for England. Schools cannot download a set of ready-to-adopt documents from the DfE that cover staff acceptable use, student acceptable use, assessment integrity, data protection impact assessments, or safeguarding addenda. This is a significant gap.

It is worth noting that Wales has gone further. A generative AI policy template for schools has been published via Hwb (the Welsh Government's national digital platform) through 360 Safe Cymru in May 2025, giving Welsh schools an officially-hosted starting point to adapt. England has not yet followed suit.

What the DfE actually expects schools to do

Reading across the published DfE guidance, several clear expectations emerge for schools:

• Safety should be the top priority. Schools should ensure that any use of AI tools prioritises the safety and wellbeing of children and young people.
• Schools may make their own choices about AI use provided they comply with wider statutory obligations, including safeguarding, data protection, and assessment regulations.
• Staff must continue to use professional judgement over any AI-generated output. AI tools should support, not replace, professional decision-making (DfE Generative artificial intelligence in education guidance).
• Schools should assess risks before adopting AI tools, including data protection implications, safeguarding risks, and the potential impact on assessment integrity.
• Schools should align AI decisions with existing obligations across safeguarding (KCSIE), data protection (UK GDPR), and assessment integrity (JCQ, Ofqual).

These are sound principles. The challenge is that principles are not policies. A headteacher reading this guidance knows what they should be thinking about, but still needs to produce the actual documents that demonstrate their school has addressed these areas.

The gap between guidance and policy

The core problem schools face is not a lack of guidance — it is a fragmentation problem. Multiple bodies have each published guidance covering different aspects of AI in schools, but no single source brings it all together into an operational policy framework.

Multiple bodies, multiple requirements

Consider what a secondary school head needs to draw from:

• DfE: high-level principles on safe and responsible AI use in education (Generative artificial intelligence in education guidance; Generative AI: product safety standards, updated January 2026)
• JCQ: specific requirements for AI coverage in malpractice policies, staff training on AI-generated work, and candidate authentication procedures (AI Use in Assessments, Revision 2, April 2025; General Regulations for Approved Centres 2025-26)
• ICO: data protection impact assessment considerations for AI tools that process personal data, plus Children's Code obligations for services likely to be accessed by children (ICO AI and data protection guidance — currently under review following the Data (Use and Access) Act 2025)
• Ofqual: enforcement of assessment integrity requirements and expectations around coursework authenticity (AI in coursework: resources for schools, March 2026; Chief Regulator letter on malpractice, 3 March 2026)
• Ofsted: inspectors may ask how schools are managing AI-related risks, particularly in relation to safeguarding and online safety (anchored in Keeping Children Safe in Education 2025)

Each body publishes its own guidance, on its own timeline, in its own format. None of them produces a consolidated set of school-level policy documents. The work of reading, interpreting, and translating these into local policy falls entirely on individual schools and trusts.

What schools actually need

To properly address AI across their operations, schools typically need:

• A staff acceptable use policy covering how employees may and may not use AI tools in their professional work
• A student acceptable use policy setting out expectations for learner use of AI, including age-appropriate safeguards
• An assessment integrity policy aligned with JCQ requirements, covering authentication, AI acknowledgement, malpractice definitions, and investigation procedures
• Data protection documentation including DPIA considerations for any AI tools processing personal data
• Safeguarding addenda addressing AI-specific risks within existing child protection frameworks
• A governance framework establishing oversight, review cycles, and accountability for AI-related decisions

Free templates exist for some of these individual documents — from organisations such as SWGfL, the National Governance Association, and others — but they each cover only part of the picture, they are not cross-referenced to each other, and they can become outdated as guidance evolves.

What other bodies require

JCQ: explicit AI coverage in exam-related policies

The Joint Council for Qualifications requires that centres have clear policies covering AI-generated work. Heads of Centre must sign an annual declaration (JCQ General Regulations for Approved Centres 2025-26, §1.9; typically due by 31 October) confirming that appropriate procedures are in place. JCQ's Instructions for Conducting Coursework and its AI Use in Assessments guidance (Revision 2, April 2025) require schools to address authentication of candidate work, staff training on identifying AI-generated content, and clear malpractice definitions that cover AI misuse. Failure to meet these requirements can result in sanctions against the centre.

ICO: data protection and the Children's Code

The Information Commissioner's Office expects organisations to conduct data protection impact assessments before deploying AI tools that process personal data. For schools, this is particularly important given the volume of children's data involved. The ICO's Age Appropriate Design Code (Children's Code) adds further obligations for services likely to be accessed by under-18s, including default privacy settings and transparency requirements.

Ofsted: safeguarding and online safety

While Ofsted has not published AI-specific inspection criteria, inspectors routinely examine how schools manage online safety risks. AI tools that students can access — whether sanctioned by the school or not — fall within this area. Schools should be able to demonstrate that they have considered AI-related risks within their safeguarding arrangements.

Ofqual: assessment integrity enforcement

Ofqual's role in enforcing assessment standards means that schools must be able to demonstrate that their assessed work meets authenticity requirements. With AI tools capable of generating essays, reports, and other assessment outputs, schools need clear procedures for verifying that submitted work is genuinely the candidate's own.

What this means for your school

Waiting is not a viable strategy

Some schools are holding off on AI policy work in the hope that the DfE will publish an official template pack they can simply adopt. Based on the current trajectory, this is not a safe assumption. The DfE has moved steadily toward principles-based guidance rather than prescriptive templates, and even if official templates were published, schools would still need to adapt them to local context.

The exam season deadline creates urgency

For secondary schools and exam centres, there is a concrete deadline. The JCQ Head of Centre annual declaration must be signed by 31 October, confirming that appropriate assessment integrity procedures are in place. Given the typical governance cycle — drafting, consultation, committee review, full governing body approval — policy work started in the autumn term may already be tight. Starting in the spring or summer term gives schools the lead time to get this right.

A translation layer is what schools need

What schools need is not more guidance to read — it is a translation layer that takes the fragmented guidance from DfE, JCQ, ICO, Ofqual, and Ofsted and turns it into board-ready, source-referenced policy documents that can be reviewed, adapted, and adopted through normal governance processes.

This means documents that:

• Are aligned with current published guidance as of a stated date
• Cross-reference the specific source documents they draw from
• Are structured for governing body review and approval
• Cover the full range of AI policy areas, not just one document in isolation
• Can be adapted to local school or trust context

Next steps

If you are responsible for AI policy at your school or trust, there are two practical starting points:

1. Assess where you stand now. Our free AI Policy Checklist for School Leaders covers nine areas across governance, staff use, assessment integrity, safeguarding, and data protection. It takes about ten minutes and will show you where your gaps are.
2. Get the policy documents in place. If you need source-referenced, board-ready policy documents that bring together guidance from DfE, JCQ, ICO, and Ofqual, see our AI Policy Packs — designed for individual schools and multi-academy trusts.

Related articles

• KCSIE 2026: New AI Safeguarding Rules for Schools
• JCQ AI Malpractice: Head of Centre Liability
• How to Write a School AI Acceptable Use Policy
• AI Policy Checklist: 9 Areas Schools Miss