Vendor and third-party model due diligence refers to the systematic process organizations use to assess and evaluate the risks, reliability, and compliance of external vendors or third parties, particularly those providing models, systems, or services. This process involves reviewing the vendor's credentials, security measures, regulatory compliance, and performance history to ensure they meet organizational standards and mitigate potential risks associated with outsourcing critical functions or technologies.
What is vendor and third-party model due diligence in AI?
A structured process to evaluate external AI vendors and their models for risks, reliability, and compliance before and during use, including ethical and societal considerations.
Which ethical and societal risks are assessed?
Bias and discrimination, privacy, accountability, transparency, safety, and overall societal impact.
What steps are typically involved in due diligence?
Define requirements; assess data practices; evaluate model performance, safety, and bias; review governance and compliance; check security and privacy; review contracts; establish ongoing monitoring and audits.
How should you evaluate a third-party AI provider?
Review data governance, training data provenance, model validation, risk-management framework, incident response, change management, and ethics guidelines; ensure accountability and continuous monitoring.