Vendor Vetting Checklist (12‑Point Scorecard)
Vendor Vetting Scorecard |
|
Technical & Security |
Business & Legal |
| AI methodology explained | Clear data ownership terms |
| Performance metrics provided | Customer references available |
| SOC 2 Typ II (or equivalent) | Transparent pricing model |
| Encryption at rest and in transit | Reasonable contract terms |
| Regular security audits | Dedicated support team |
| Backup & Recovery plan | Training & Onboarding plan |
How the scoring works
- 12 criteria total: 6 Technical & Security + 6 Business & Legal
- Score each as 0/1 with written evidence
- Use thresholds to decide: proceed, caution, investigate, or avoid
Decision thresholds
10–12: Proceed with confidence
7–9: Proceed with caution
4–6: Investigate further
0–3: Consider alternatives