HECVAT Tab
AI
This tab focuses on artificial intelligence features and capabilities within the solution, including machine learning and large language models.
It covers AI risk management, responsible AI training, and governance policies for AI implementation.
Questions address how AI features can be controlled, disabled, and monitored for security risks.
The tab also examines data protection measures to prevent sensitive information from being ingested by AI models.
Categories
Explore the categories within the AI tab
General AI Questions covers controls and questions related to that domain.
It outlines expectations institutions typically require from vendors.
The category helps assess risk posture and operational maturity.
It provides structure for consistent evaluation during security reviews.
AI Qualifying Questions covers controls and questions related to that domain.
It outlines expectations institutions typically require from vendors.
The category helps assess risk posture and operational maturity.
It provides structure for consistent evaluation during security reviews.
AI Large Language Model (LLM) covers controls and questions related to that domain.
It outlines expectations institutions typically require from vendors.
The category helps assess risk posture and operational maturity.
It provides structure for consistent evaluation during security reviews.
Required Questions covers controls and questions related to that domain.
It outlines expectations institutions typically require from vendors.
The category helps assess risk posture and operational maturity.
It provides structure for consistent evaluation during security reviews.
AI Policy covers controls and questions related to that domain.
It outlines expectations institutions typically require from vendors.
The category helps assess risk posture and operational maturity.
It provides structure for consistent evaluation during security reviews.
AI Data Security covers controls and questions related to that domain.
It outlines expectations institutions typically require from vendors.
The category helps assess risk posture and operational maturity.
It provides structure for consistent evaluation during security reviews.
AI Machine Learning covers controls and questions related to that domain.
It outlines expectations institutions typically require from vendors.
The category helps assess risk posture and operational maturity.
It provides structure for consistent evaluation during security reviews.
ResponseHub is the product I wish I had when I was a CTO
Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.
As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!
I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.
