AI vendor due diligence checklist

A practical review framework for enterprise teams evaluating AI vendors before approval — privacy, security, compliance and operations in one workflow.

By Privian Team · Updated June 17, 2026 · 12 min read
Due diligence evaluates questionnaire answers against tolerance — it is not a questionnaire.

Enterprise AI vendor approvals fail in predictable ways: a questionnaire is sent, answers are collected, and nobody evaluates them against the use case. Due diligence is the evaluation step. The framework below is the one Privian recommends to buyers; it is deliberately vendor-neutral and designed to fit inside a normal procurement workflow.

Why AI vendors require additional scrutiny

AI vendors handle prompt data, which often contains the most sensitive operational text in the business: customer messages, internal documents, credentials in error logs, draft contracts. They also sit between the buyer and a model provider, which means retention, training-use, dependency and residency questions look different from a typical SaaS review. A standard questionnaire misses most of this.

The right question is rarely "is the vendor secure?" — it is "what reaches the model, what is retained in raw form, and what is the buyer's exit path?".
Layered AI controls. No single layer is sufficient. Each compensates for the others' gaps. From top to bottom: governance and policy, application minimization, a gateway that masks and routes, the BYOK provider boundary, and provider-side controls.

  • 01 · Governance & policy: Documents intent
  • 02 · Application minimization: Drops fields upstream
  • 03 · Gateway (mask + route + retain): In the request path
  • 04 · BYOK provider boundary: Customer owns the key
  • 05 · Provider-side controls: Tier, retention, region

Privacy review checklist

  1. What prompt data reaches the model, in what form, at each hop?
  2. Which fields are masked, redacted or dropped before egress?
  3. Is anything retained in raw form, and for how long?
  4. Is customer data used for training or evaluation, and is opt-out explicit?
  5. How is rehydration handled, and where does it happen?

Security review checklist

  1. Encryption posture in transit, at rest and for credentials
  2. Authentication, SSO and role separation for admin actions
  3. Tenant isolation and blast radius of a single bug
  4. Vulnerability management, pen test cadence and SDLC controls
  5. Incident response timing, customer notification and post-mortems

Compliance review checklist

  1. Active DPA, SCCs and current subprocessor list
  2. Data residency commitments per provider and per region
  3. Alignment with sectoral rules (GDPR, HIPAA, PCI, EU AI Act)
  4. Audit log of model use and admin actions
  5. Right to audit and evidence package for assessors

Operational review checklist

  1. Documented SLOs, status page and post-incident write-ups
  2. Change-control, rollback and dependency monitoring
  3. BYOK vs pooled provider credentials and exit plan
  4. Provider portability — change model provider without rewrite
  5. Sunset criteria for the feature after approval

Questions every enterprise should ask

A short, opinionated set of questions that surface the most decision-relevant information quickly:

  • What is the vendor's data path, hop by hop, in one page?
  • What is retained in raw form, by whom, and for how long?
  • Is BYOK supported, and is it the default or an upgrade?
  • What is the exit plan — data export, key revocation, contract termination?
  • Which model providers are in scope, and can they be changed without a rewrite?
  • Who is on the subprocessor list today, and how are changes notified?

Common red flags

  • Retention policies that say 'we may retain prompts for quality' without limits
  • No clear answer on whether prompt data is used for training
  • Single-provider lock-in with pooled credentials and no BYOK path
  • Logs and traces that mirror raw prompt content into third-party observability
  • Compliance answers that point at the model provider instead of the vendor
  • No documented data path — only a network diagram

Due diligence workflow

Five-step workflow

  1. Intake: Define the use case, data classes and the smallest set of buyer-side controls that would make a 'no' into a 'yes'.
  2. Evidence: Collect questionnaire answers, DPAs, SOC 2 / ISO reports, subprocessor list, data path and architecture references.
  3. Evaluation: Score each dimension against tolerance; capture residual risk and the compensating control that would close each gap.
  4. Decision: Approve, approve with conditions, or decline. The conditions are the contract; they are not aspirational.
  5. Re-review: Set a re-review date and sunset criteria. AI vendors change quickly; an approval is a snapshot, not a permanent state.

Final checklist summary

Treat the four review areas above as a single one-page artefact. Each section should resolve to a specific answer, an evidence reference, and a residual-risk rating. The output is a decision document, not a report. Privian's posture in each section is documented on the Trust Center, with detail on the data path, architecture and security resources, and condensed into the Privian Blueprint.

Written under our editorial principles: implementation-grounded, honest about limitations, educational first.


Frequently asked questions

What is AI vendor due diligence?

AI vendor due diligence is the structured review an enterprise performs before approving an AI vendor — covering privacy, security, compliance and operational posture. It converts marketing claims into specific, comparable answers that a steering committee can act on.

How is this different from a security questionnaire?

A questionnaire collects answers. Due diligence evaluates those answers against the buyer's risk tolerance, data classes and intended use case, and produces an approval decision with conditions attached.

Why do AI vendors need additional scrutiny?

AI vendors process prompt data — often the most sensitive operational text in the business — and sit between the buyer and a model provider. Retention, training-use, dependency and residency questions are materially different from a typical SaaS review.

What does Privian publish to support due diligence?

The Privian Blueprint, Trust Center, Architecture and Security resources answer most due diligence questions in one place, with BYOK and zero raw retention as the default posture.