HECVAT Category
AI Qualifying Questions
The AI Qualifying Questions category covers the controls and questions for this domain. It outlines the expectations institutions typically require of vendors, helps assess risk posture and operational maturity, and provides structure for consistent evaluation during security reviews.
Assessment Questions
Does your solution leverage machine learning (ML) or do you plan to do so in the next 12 months?
This question asks whether your product or service currently uses machine learning (ML) technology or plans to implement it within the next year. It is a qualifying question: the answer determines whether additional ML-specific security questions will be asked in the assessment.
Does your solution leverage a large language model (LLM) or do you plan to do so in the next 12 months?
This question asks whether your product or service uses a large language model (LLM) or plans to incorporate one within the next year. LLMs are AI systems trained on vast amounts of text data that can generate human-like text, answer questions, translate languages, and perform other language-related tasks. Examples include GPT-4, LLaMA, Claude, and similar models.

