Free Resource

Fifteen questions to ask any AI agent vendor before you ship to a regulated environment.

We wrote this after watching the same questions come up across our CISO conversations. Identity, policy, audit, privacy, reversibility. Print it, take it to your next RFP.

What's inside

  • Fifteen yes-no questions grouped into five categories: identity, policy, audit, privacy, reversibility.
  • Plain language. Anyone on a security or GRC team can read and apply it.
  • Each question maps to a specific failure mode we've watched real platforms ship into production.
  • Vendor-neutral. It works whether you're buying or building.
  • One page printable. Brings clarity to a vendor call without slowing it down.

This is a working document. If you read it and disagree with any of the questions, the wording, or the categories, reply to the email you'll receive. We update the list based on what comes back from people using it.