Guide

Questions to add to existing vendor risk assessments to account for AI risks

Pages: 2

This checklist extends traditional third-party risk management to address AI-specific vendor risks. It provides structured questions to add to existing assessments, covering whether vendors deploy AI systems, whether those systems qualify as high-risk, and how AI is used. The checklist dives deeply into training data sources, data quality, bias mitigation, ownership and licensing, retention, deletion, versioning, and traceability. It also addresses informed consent, data augmentation practices, update frequency, handling of sensitive data, and overall data governance frameworks. The checklist enables organizations to evaluate AI vendors responsibly without creating entirely new assessment processes.