Pertama Partners
Back to Insights
AI Security & Data ProtectionChecklistPractitioner

AI Vendor Security Assessment: A Complete Due Diligence Checklist

October 16, 202510 min readMichael Lansdowne Hauge
For:IT DirectorsProcurement LeadersSecurity EngineersRisk Managers

Complete due diligence methodology for assessing AI vendor security. Includes documentation requirements, evaluation criteria, red flags, and decision frameworks.

Tech Developer Coding - ai security & data protection insights

Key Takeaways

  • 1.AI vendor due diligence requires different questions than traditional software procurement
  • 2.Assess how vendors handle training data, model updates, and prompt security
  • 3.Verify data processing locations match your regulatory and contractual requirements
  • 4.Review vendor incident response procedures and notification timelines
  • 5.Include AI-specific terms in contracts covering data usage, model training, and liability

AI Vendor Security Assessment: A Complete Due Diligence Checklist

AI vendors vary dramatically in security maturity. A slick product demo tells you nothing about how your data will be protected. This guide provides a systematic approach to assessing AI vendor security before you commit.

Executive Summary

  • Vendor security assessments are non-negotiable. AI vendors process sensitive data on their infrastructure. Their security posture is your risk exposure.
  • Standard IT vendor assessments need AI-specific additions. Traditional security questionnaires miss AI-unique concerns like training data usage and model security.
  • Certifications are necessary but not sufficient. SOC 2 and ISO 27001 demonstrate baseline hygiene but don't cover everything.
  • Data handling terms require scrutiny. What happens to your data after processing matters as much as security during processing.
  • Contractual protections must match technical claims. Verbal assurances mean nothing. Get commitments in writing.
  • Ongoing monitoring beats point-in-time assessment. Vendor security postures change. Continuous oversight is essential.
  • Red flags warrant walking away. Some indicators suggest fundamental security gaps that no contract can mitigate.
  • Assessment scope should match data sensitivity. Higher-risk data requires deeper evaluation.

Why This Matters Now

AI adoption is accelerating, and so is AI vendor proliferation. New AI tools emerge weekly, many from startups without mature security programs. Meanwhile:

  • Data protection regulations apply to AI processing
  • Customers expect vendor due diligence
  • Cyber insurance increasingly questions AI vendor risk
  • Breach notification obligations extend to vendor incidents
  • AI-specific risks (training data exposure, model attacks) require specific assessment

Step-by-Step Implementation Guide

Step 1: Define Assessment Scope (Before Engagement)

Not every AI vendor requires the same depth of assessment:

Data SensitivityAssessment DepthTimeline
Public data onlyLight review1-2 days
Internal/operationalStandard assessment1-2 weeks
Confidential businessEnhanced assessment2-4 weeks
Personal data (PDPA)Comprehensive + legal3-6 weeks
Regulated dataFull due diligence4-8 weeks

Step 2: Gather Initial Documentation (Week 1)

Request the following before detailed assessment:

Security documentation:

  • SOC 2 Type II report (most recent)
  • ISO 27001 certificate and scope
  • Penetration test summary (last 12 months)
  • Security architecture overview
  • Incident history summary

Data handling documentation:

  • Privacy policy
  • Data processing agreement (DPA) template
  • Data flow diagrams
  • Retention and deletion procedures
  • Subprocessor list

AI-specific documentation:

  • Training data usage policy
  • Model security practices
  • AI-specific security testing results

Step 3: Review Certifications and Reports (Week 1-2)

SOC 2 Review Checklist:

  • Report is Type II (not just Type I)
  • Report is less than 12 months old
  • Trust Service Criteria cover Security and Confidentiality
  • No significant exceptions or qualified opinions
  • Control environment covers relevant services
  • Subprocessor controls addressed

ISO 27001 Review Checklist:

  • Certificate is current and valid
  • Scope covers the services you'll use
  • Statement of Applicability available
  • Recent surveillance audit completed
  • Any non-conformities closed

Step 4: Conduct Security Questionnaire (Week 2)

Use a structured questionnaire covering:

1. Organizational Security (5-10 questions)

  • Security governance structure
  • Security team qualifications
  • Security training program
  • Policy framework

2. Access Control (5-10 questions)

  • Authentication mechanisms
  • Authorization model
  • Privileged access management
  • Access logging and review

3. Data Protection (10-15 questions)

  • Encryption at rest and in transit
  • Key management
  • Data classification
  • Backup and recovery
  • Data retention and deletion

4. Network Security (5-10 questions)

  • Network architecture
  • Segmentation
  • Perimeter controls
  • Monitoring and detection

5. Application Security (5-10 questions)

  • Secure development lifecycle
  • Vulnerability management
  • Penetration testing
  • Code review practices

6. Incident Response (5-10 questions)

  • Incident response plan
  • Detection capabilities
  • Notification procedures
  • Post-incident review

7. AI-Specific Security (10-15 questions)

  • Training data sources and handling
  • Model security controls
  • Prompt injection protections
  • Output monitoring
  • AI-specific testing

Step 5: Evaluate Data Handling Practices (Week 2-3)

Critical questions for AI vendors:

Data usage:

  • Will our data be used for training? (Answer should be "No" with written commitment)
  • Who can access our data within your organization?
  • What logging/audit trail exists for data access?

Data location:

  • Where is data processed geographically?
  • Where is data stored?
  • Are there any cross-border transfers?

Data retention:

  • How long is input data retained?
  • How long are outputs retained?
  • What is the deletion process?
  • Can we verify deletion?

Subprocessors:

  • Who are your subprocessors?
  • What data do they access?
  • How are they assessed?

Step 6: Assess Contractual Terms (Week 3)

Key contract elements:

Data Processing Agreement:

  • Clear data processing purposes defined
  • Processor obligations specified
  • Security measures documented
  • Subprocessor restrictions included
  • Audit rights granted
  • Breach notification timeline specified
  • Data return/deletion on termination

Service Agreement:

  • SLA for security incidents
  • Liability caps appropriate
  • Indemnification terms balanced
  • Termination rights for security failures
  • Change notification requirements

Step 7: Identify Red Flags

Walk away or require significant remediation if you encounter:

Red FlagWhy It Matters
No SOC 2 or equivalent certificationBaseline security hygiene not demonstrated
Won't provide DPA or data handling termsLack of transparency on core concerns
Data used for training without opt-outYour data improves their product, not just yours
Vague or evasive answers on securityIf they can't explain it, they may not have it
No incident response planWhen (not if) incidents occur, chaos follows
Subprocessors unknown or undisclosedYour data may go places you don't know
Resistance to security questionnaireVendors with good security welcome questions
No penetration testing historyVulnerabilities remain undiscovered

Step 8: Document Findings and Decide (Week 3-4)

Create an assessment report covering:

  • Summary of findings
  • Risk rating (High/Medium/Low)
  • Gaps identified
  • Remediation requirements (if proceeding)
  • Recommended contract terms
  • Ongoing monitoring requirements
  • Go/no-go recommendation

Common Failure Modes

1. Relying solely on certifications. SOC 2 proves a control environment exists; it doesn't prove controls are effective for your use case.

2. Accepting marketing claims. "Bank-grade security" and "enterprise-ready" are marketing terms. Ask for specifics.

3. Skipping AI-specific questions. Traditional vendor assessments miss training data usage, model security, and AI-specific attacks.

4. Assessing once and forgetting. Vendor security postures change. Reassess annually or on significant changes.

5. Ignoring subprocessors. Your vendor's vendors are your risk too.

6. Weak contractual protections. Assessment findings mean nothing without contractual commitments.

Vendor Security Assessment Checklist

AI VENDOR SECURITY ASSESSMENT CHECKLIST

Pre-Assessment
[ ] Data sensitivity classified
[ ] Assessment depth determined
[ ] Timeline established
[ ] Stakeholders identified

Documentation Review
[ ] SOC 2 Type II report obtained and reviewed
[ ] ISO 27001 certificate verified
[ ] Penetration test summary reviewed
[ ] Privacy policy reviewed
[ ] DPA template reviewed
[ ] Subprocessor list obtained

Questionnaire
[ ] Organizational security assessed
[ ] Access controls evaluated
[ ] Data protection reviewed
[ ] Network security assessed
[ ] Application security evaluated
[ ] Incident response capabilities verified
[ ] AI-specific security assessed

Data Handling
[ ] Training data usage confirmed (opt-out verified)
[ ] Data location documented
[ ] Retention periods acceptable
[ ] Deletion procedures verified
[ ] Subprocessor handling acceptable

Contract Review
[ ] DPA terms acceptable
[ ] Security SLAs defined
[ ] Breach notification terms agreed
[ ] Audit rights included
[ ] Termination rights adequate

Decision
[ ] Red flags evaluated
[ ] Risk rating assigned
[ ] Remediation requirements documented
[ ] Contract terms negotiated
[ ] Ongoing monitoring plan created
[ ] Go/no-go decision made

Metrics to Track

MetricTargetFrequency
Vendors with current assessment100%Quarterly
Vendor reassessment completion100%Annually
Critical gaps identifiedZero (or remediated)Per assessment
Contract compliance verification100%Annually
Vendor security incidentsZeroMonthly

Tooling Suggestions (Vendor-Neutral)

Vendor Risk Platforms:

  • Third-party risk management solutions
  • Security rating services
  • Questionnaire automation tools

Contract Management:

  • DPA templates and libraries
  • Contract lifecycle management

Continuous Monitoring:

  • External security rating services
  • Breach notification services

FAQ

Q: How long should a vendor assessment take? A: 2-6 weeks depending on data sensitivity and vendor responsiveness.

Q: Can we rely on a vendor's SOC 2 report alone? A: No. SOC 2 is a starting point. Supplement with questionnaire, data handling review, and AI-specific questions.

Q: What if a vendor refuses to complete our questionnaire? A: This is a significant red flag. Vendors with strong security typically welcome assessment questions.

Q: How do we assess AI startups without certifications? A: Focus on technical controls, data handling practices, and contractual protections. Consider limiting data exposure until they mature.

Q: Should we assess vendors annually? A: Yes, or more frequently if you become aware of changes. Also reassess when renewing contracts.

Next Steps

Vendor security assessment is one component of procurement:

Book an AI Readiness Audit

Need help assessing AI vendor security? Our AI Readiness Audit includes vendor risk assessment methodology and support.

Book an AI Readiness Audit →

References

  1. ISO/IEC 27001:2022. Information Security Management Systems.
  2. AICPA. SOC 2 Reporting Framework.
  3. Singapore PDPC. Guide to Data Protection by Design.
  4. Cloud Security Alliance. Consensus Assessment Initiative Questionnaire (CAIQ).

Frequently Asked Questions

AI vendors handle data differently, may use customer data for model training, require ongoing data access, and introduce risks like prompt injection and model attacks that traditional software assessments don't cover.

Look for SOC 2 Type II, ISO 27001, and industry-specific certifications. However, certifications alone aren't sufficient—evaluate specific AI security practices including data handling, model security, and incident response.

Ask where data is processed and stored, whether data is used for training, what encryption is used in transit and at rest, how long data is retained, and what happens to data when the contract ends.

References

  1. ISO/IEC 27001:2022. Information Security Management Systems.. ISO/IEC Information Security Management Systems (2022)
  2. AICPA. SOC 2 Reporting Framework.. AICPA SOC Reporting Framework
  3. Singapore PDPC. Guide to Data Protection by Design.. Singapore PDPC Guide to Data Protection by Design
  4. Cloud Security Alliance. Consensus Assessment Initiative Questionnaire (CAIQ).. Cloud Security Alliance Consensus Assessment Initiative Questionnaire
Michael Lansdowne Hauge

Michael Lansdowne Hauge

Founder & Managing Partner

Founder & Managing Partner at Pertama Partners. Founder of Pertama Group.

ai vendor securityvendor assessmentdue diligencesecurity checklistAI vendor due diligencevendor risk evaluationthird party AI security

How Pertama Partners Can Help

AI Governance & Security

Learn more

Tech Stack Transformation

Learn more

AI Network Monitoring & Security Operations

Learn more

Ready to Apply These Insights to Your Organization?

Book a complimentary AI Readiness Audit to identify opportunities specific to your context.

Book an AI Readiness Audit

Related Articles

AI Data Retention Policies: How Long to Keep What
January 26, 2026Read
AI Threat Modeling: Identifying Risks Before They Become Incidents
January 13, 2026Read
Conducting an AI Vendor Security Audit: Methodology and Checklist
January 12, 2026Read