AI Vendor Pre-Screen Lite

A fast procurement triage layer for external AI vendors. It helps you decide whether a vendor deserves formal review, should move forward only with conditions, or is too opaque to onboard yet.

3-4 minutes · 10 scored questions · No login
  • Checks transparency, subprocessors, retention and deletion clarity, assurance evidence, incident commitments, data sensitivity, ownership, and vendor lock-in.
  • Escalates results when structural blockers exist, even if the raw score looks moderate.
  • Stops before any questionnaire, scorecard export, contract clauses, or monitoring workflow so it complements AI Controls Professional instead of replacing it.

Informational only. Not legal advice, procurement approval, or security certification.

Result panel: final score (out of 120), critical triggers (override conditions hit), procurement recommendation, operational decision, top 5 diligence gaps, and likely contract or governance red flags.

    Vendor screening is not vendor due diligence.

    AI Controls Professional gives you the full vendor due-diligence procedure and questionnaire needed to validate this vendor properly. Use the screen to triage. Use the paid toolkit to execute.

    What this result means

    This screen is for procurement triage. This assessment does not determine that a vendor is safe. The results indicate whether the vendor looks clear enough, governable enough, and replaceable enough to justify formal review.

    What a strong result actually means

    A stronger result usually means the vendor is comparatively transparent about data use, dependencies, retention, assurance evidence, and incident commitments. That still does not remove the need for formal due diligence or contract review.

    What a weak result usually signals

    A weak result usually means the vendor is too opaque, too dependency-heavy, or too thin on control evidence to justify a light-touch onboarding path. That is where procurement teams lose time if they skip disciplined review.

    Frequently Asked Questions (FAQs)

    What does this tool assess?

    This assessment screens whether an AI vendor looks ready for formal procurement review by testing transparency, subprocessors, retention and deletion clarity, assurance evidence, incident commitments, data sensitivity, ownership, and lock-in risk.

    Does a Proceed result mean the vendor is safe?

    No. Proceed only means this first-pass screen did not surface obvious structural blockers. It is not a substitute for due diligence, contract review, privacy review, or security validation.

    Why does transparency matter so much?

    Because opaque data use, hidden dependencies, or weak incident commitments make governance, auditability, and customer assurance materially harder even when the product demo looks strong.

    Why is switching cost treated as a risk signal?

    Because vendor lock-in changes the commercial and control posture. A black-box provider that is hard to replace deserves more scrutiny than a low-dependency tool with a clear exit path.

    Will this tool store my answers?

    No. The scoring runs entirely in the browser. Answers are not transmitted, synchronized, or stored by Move78. Once the page is refreshed or the browser closes, the run is gone.

    Use this pack after vendor pre-screening

    The pre-screen identifies vendor risk. The due diligence pack gives procurement, security, and governance owners a structured intake and approval artifact.

    Source and review note: This page was last reviewed on 6 May 2026 against the current Move78 public site baseline and relevant official or authoritative sources where laws, standards, frameworks, cybersecurity controls, product scope, pricing, support policy, or implementation guidance are discussed. It provides operational implementation guidance and product information only; it is not legal advice, tax advice, audit assurance, certification assurance, conformity-assessment advice, buyer-approval assurance, or security assurance. Validate legal, regulatory, contractual, tax, audit, and security decisions with qualified professionals.