MentoroidX

Third-Party AI Vendor Due Diligence Pack — Preview

Third-Party AI Vendor Governance Pack (DDQ + Contract Clauses)

AUD 1,800

Procurement-grade due diligence, scoring, clauses and monitoring to manage vendor AI risk.

Enterprise Edition principle: you are buying decision scaffolding and audit artefacts—so governance operates in real cadence (not just documents).

  • Decision logic (who approves what/when) + escalation triggers (what forces review).
  • Lifecycle RACI + meeting artefacts (agenda, decision log, action tracking).
  • Waivers (time‑bound) + evidence expectations (what must be retained per decision).

Standards coverage: included Coverage Tables reference ISO/IEC 42001, ISO/IEC 23894, NIST AI RMF, EU AI Act (conditional), APRA CPS 230, and ISO/IEC 27001 interfaces.

Included free with any template purchase
Enterprise AI Governance Reference Manual (EIGM) + Enterprise One‑Pagers Pack (v1.0)
Enterprise Edition · EIGM v1.0 · Evidence‑led
Manual size: ~33 pages. One‑pagers: 5 × 1‑page checklists. Built to help stakeholders execute governance fast: decision rights, escalation triggers, evidence expectations, and a repeatable cadence.
  • Quick start + rollout plan + “which template to use when” index.
  • Minimum Evidence Set + board/audit operating cadence prompts.
  • Standards‑mapped crosswalks to support defensible evidence (conditional applicability).

Quantified value (conservative): saves 5–12 days → AUD 9,000–21,600 avoided cost → 5×–12× value

Who benefits

  • Procurement
  • Third‑Party Risk
  • CISO / Security governance
  • Legal / contracting support
  • AI Owners

What you receive (Enterprise Edition)

  • Vendor DDQ + scoring workbook (XLSX): governance, security, privacy, change control, audit rights, exit readiness.
  • Contract clause library (DOCX): change notice, audit rights, logging/traceability, data deletion, exit plan.
  • Go/No‑Go decision memo (DOCX): conditional approvals + evidence references.
  • Ongoing vendor monitoring tracker (XLSX) + evidence index/decision log (XLSX).
  • Vendor exit plan checklist (DOCX).
  • Start‑Here roadmap (PDF): how to implement quickly without consultants.
  • Implementation playbook (PDF): decision logic + escalation triggers + evidence expectations.
  • Filled examples (PDF): realistic, fictionalised outputs (“what good looks like”).
  • Assurance output (PDF): template + worked example for audit/committee packs.
  • Standards coverage (PDF + XLSX): mapping method across recognised standards (conditional applicability).
  • QA report + file manifest (hashes) for release traceability.

Filled examples & outputs

  • Example scored DDQ responses (fictionalised) and conditional approval wording.
  • Example clause negotiation fallbacks (“if vendor refuses”).