AI Vendor Security Questionnaire Guide
Procurement intake for AI SaaS and model APIs — data handling, subprocessors, and risk scoring.
Vendor AI Security Intake Questionnaire
Procurement intake for AI SaaS and model APIs — data handling, subprocessors, and risk scoring.
How to Fill Out This Vendor AI Security Intake Questionnaire
AI vendor security questionnaire template — Send to every new AI vendor before contract signature — feeds AI-012 clause checklist.
Recommended Owner: Security + Procurement | Legal reviews Section G decisions
Before you start
Getting Started
- Enable Editing: Click Enable Editing in Word when prompted.
- Replace brackets: Search for [Bold Brackets] and fill every placeholder with real names, tools, and dates.
- Delete what does not apply: Shorter accurate text beats generic boilerplate auditors cannot test.
- Cross-check Phase 1: Names and scope should match SOC-002, SOC-004, and COR-001 where referenced.
Toolkit links
Related templates in your kit
Keep these companion documents consistent (same owners, dates, and vendor names):
- AI-012
- AI-006
- COR-008
Quality check
Before You Finalize
- Every [bracket] placeholder is replaced or marked N/A with a short reason.
- Roles and tool names match COR-005 org chart and SOC-004 system description.
- Review and Approval section is signed with name, title, and date.
Evidence
Where to Store It
- Store the completed file in your compliance evidence folder (signed PDF for policies).
- Register the document in COR-013 Document Control Log with version and review date.
- Link to the record in your SOC-005 project plan or evidence index when ready.