The Essential Security Questions
AI
Questions about artificial intelligence, machine learning models, and AI-powered features in your service.
Questions in this Category
Does your product or service use AI or machine learning? If so, describe the AI capabilities and how they are used.
Explanation of the Question This question is asking whether your product or service incorporates artificial intelligence (AI) or machine learning (ML) technologies.
Is customer data used to train AI/ML models? If so, is this opt-in or opt-out, and can customers prohibit use of their data for training?
Explanation of the Question: This question is asking whether the organization uses customer data to train artificial intelligence (AI) or machine learning (ML) models.
Which third-party AI providers do you use? (e.g., OpenAI, Anthropic, AWS Bedrock, Azure OpenAI) Describe where customer data is sent and how it is processed.
Understanding the Question This question is asking you to identify any third-party AI providers your organization uses.
What safeguards are in place to ensure AI outputs are accurate, appropriate, and do not expose sensitive data? (e.g., prompt injection prevention, output filtering, human oversight)
Explanation of the Question: This question is asking about the specific measures your organization has implemented to ensure that the outputs generated by your AI systems are reliable, suitable fo...
ResponseHub is the product I wish I had when I was a CTO
Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.
As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!
I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.
