RC-AI-04 AI Vendor Procurement Questionarire
Document 3: AI Vendor Procurement Questionnaire
REEVES COUNTY
AI VENDOR PROCUREMENT QUESTIONNAIRE
Vendor Information
Company Name:
Product Name:
Primary Contact:
Email:
Phone:
SECTION 1 – AI CAPABILITIES
Does your product use Artificial Intelligence?
□ Yes
□ No
If yes, describe all AI functionality:
SECTION 2 – DATA USE
Does your AI system:
|
Question |
Yes |
No |
|
Store County data? |
□ |
□ |
|
Use County data to train models? |
□ |
□ |
|
Share data with third parties? |
□ |
□ |
|
Transfer data outside the United States? |
□ |
□ |
Explain:
SECTION 3 – SECURITY CONTROLS
Provide documentation for:
□ SOC 2 Report
□ ISO 27001 Certification
□ Penetration Testing Results
□ Incident Response Plan
□ Data Retention Policy
□ Cyber Liability Insurance
SECTION 4 – TRANSPARENCY
Describe:
- How outputs are generated.
- Known limitations.
- Known risks.
- Human oversight features.
SECTION 5 – COMPLIANCE
Does the system comply with:
□ Texas Government Code Requirements
□ CJIS Requirements
□ HIPAA Requirements
□ ADA Requirements
□ Records Retention Requirements
Provide details:
SECTION 6 – AUDIT RIGHTS
Will the vendor permit:
|
Requirement |
Yes |
No |
|
Security Review |
□ |
□ |
|
Contract Audit |
□ |
□ |
|
Data Review |
□ |
□ |
|
Compliance Verification |
□ |
□ |
SECTION 7 – INCIDENT RESPONSE
Vendor must notify Reeves County of:
- Data breaches
- Unauthorized access
- AI system failures
- Material model changes
Notification Timeframe:
_____ Hours
CERTIFICATION
I certify that the information provided is accurate and complete.
Vendor Representative:
Title:
Date: