Forty questions to ask any AI vendor before you sign. Send these in writing; require written answers; keep the responses on file. A vendor that won’t answer specifically is telling you something. Last reviewed: May 25, 2026.
How to Use
Send Sections 1–6 to the vendor as a request for written responses. Keep their answers attached to the Tool Approval Worksheet. Re-run on contract renewal.
Section 1: Vendor & Product Basics
- Vendor legal entity, principal place of business, and years in operation.
- Product name, version, and the specific plan or tier you are quoting.
- What underlying AI model(s) does the product use, and who provides them (your own model, OpenAI, Anthropic, Google, etc.)?
- If you use third-party models, do your data-handling commitments flow through to those providers in writing?
- Are there features in this plan that we should disable for our use case (e.g., model training, telemetry)?
Section 2: Data Handling
- Will any of our inputs or outputs be used to train your or any third party’s AI models? Provide the controlling clause from your contract or terms.
- How long are inputs and outputs retained by default? Can retention be reduced contractually, and to what minimum?
- Where (geography) are inputs and outputs processed and stored?
- Do you have a Data Processing Agreement (DPA) we can sign? Send a copy.
- Do you offer a Business Associate Agreement (BAA) for HIPAA-covered work? If so, on what plans, and what conditions apply?
- List all subprocessors who may access our data, including AI model providers, cloud hosts, and support contractors.
- How are deletion requests handled? State the time to deletion for (a) live data, (b) backups, and (c) any training-derived artifacts.
- Confirm whether you log prompts and responses for review, debugging, or abuse detection. If yes, who has access, and how long are logs retained?
Section 3: Security
- Do you maintain SOC 2 Type II, ISO 27001, or another recognized security audit? Provide the most recent report under NDA.
- How is data encrypted in transit and at rest? What key management is in place?
- Describe your authentication options. Do you support SSO (SAML or OIDC) on our plan? Is MFA mandatory?
- What is your published incident response time? Where will breach notifications be sent, and within how many hours of detection?
- Has the product or company experienced a security incident in the past 24 months? If so, describe.
- How do you handle access provisioning and revocation for your own staff handling customer data?
Section 4: Model Behavior and Outputs
- What testing have you done on the model for outputs that are factually inaccurate, biased, or harmful in our intended use cases? Provide evidence, not assurance.
- Do you publish a model behavior or use policy that documents what the model is and is not designed to do well?
- How does the product handle requests that fall outside its competence (refusal, escalation, silent failure)?
- Are there controls we can configure for content filtering, output style, or rejection of certain requests?
- If our staff or participants experience an output that is materially wrong or harmful, what is your response process?
- Do you support audit logging of prompts and responses on our side for our recordkeeping?
Section 5: Pricing and Commercial Terms
- List all costs that may apply, including per-seat, usage-based, and overage fees.
- Is there a nonprofit, education, or social-sector discount?
- What is the minimum commitment term? Auto-renewal terms and notice period to cancel?
- Under what circumstances can pricing change during the term, and with how much notice?
- Is there a no-charge or reduced-rate trial sufficient to evaluate against our actual workflows?
Section 6: Contract Terms
- Send the form contract or MSA we will be asked to sign. Identify any non-negotiable clauses.
- What is your standard indemnification for IP infringement of AI-generated outputs? Any carve-outs?
- What is your limitation of liability, and is it tied to fees paid?
- Confirm the governing law and venue clauses, and your willingness to negotiate if they are commercially impractical for us.
- Describe our termination rights for cause, for convenience, and for changes to your AI training or data-handling terms during the contract.
Section 7: Compliance Fit (Internal Review)
- Does this tool process Sensitive / Regulated data? If so, do the contract terms support that under all applicable laws (HIPAA, FERPA, child-welfare, attorney-client, state privacy)?
- If charged to a federal award: is the cost allowable under 2 CFR 200.403 for the funded activity, and have we documented the allocation methodology if it serves multiple awards?
- Does the tool’s geography of processing comply with any data-localization requirements imposed by our funders or contracts?
- Have we obtained written sign-off from our [Executive Director / AI Use Officer / compliance lead] on the responses to Sections 1–6?
- Is this tool replacing an existing tool we should sunset on the day we go live? If yes, who is responsible for shutting it down and migrating data?
Red Flags
Any of the following warrants escalation or, often, declining the vendor:
- Vendor won’t put data-handling commitments in the contract itself — “see our website terms” is not a commitment.
- Vendor’s training-on-inputs default is on, and turning it off requires an upgrade or special request.
- Vendor cannot name its subprocessors or AI model providers.
- Vendor cannot send a current SOC 2 or equivalent audit.
- Vendor has no documented incident response process.
- Vendor’s contract makes the customer indemnify the vendor for AI output infringement.
- Vendor’s pricing or AI-policy terms can change unilaterally during the contract with short or no notice.
- Vendor’s representatives can’t (or won’t) answer Section 2 questions in writing.
Pair this checklist with the Tool Approval Worksheet. The Checklist evaluates the vendor; the Worksheet records the internal approval. Templates only — not legal advice.