AI PROCUREMENT · VENDOR RISK · 24–48H

AI Vendor Risk Review

Before you put an AI tool into HR, sales, support, operations, or internal data workflows, get a technical risk memo.

24–48h technical/procurement review · from 490€ + VAT

Email Jose Connect on LinkedIn Book a review

WHAT I LOOK AT

A decision memo, not generic AI Act consulting

I review the tool, use case, data path and vendor claims so you can decide whether to buy, delay, constrain or reject the rollout.

Data exposure

What data enters the tool, where it may go, and what internal workflows become exposed.

Vendor lock-in

Export paths, switching costs, opaque workflows and dependency on proprietary behaviour.

AI Act role hypothesis

A practical hypothesis for whether you are acting as deployer, provider or another role.

Operational controls

Logging, access control, escalation paths, monitoring and failure handling.

Human oversight

Where people remain accountable and what decisions should not be automated blindly.

Procurement questions

The questions to ask the vendor before signature, rollout or renewal.

WHAT YOU GET

Concrete deliverables

  • A 2–4 page technical risk memo
  • Vendor and data exposure summary
  • AI Act role hypothesis and risk notes
  • Operational controls and human oversight checklist
  • Procurement questions for the vendor
  • Go / constrain / pause recommendation with rationale

SAMPLES

Sample cards

The public kit includes reproducible templates and generated examples for real-world AI vendor review scenarios.

Microsoft 365 Copilot

Sample review for a broad productivity rollout touching internal documents and collaboration workflows.

https://github.com/josediegorobles/ai-vendor-risk-review-kit/blob/main/reports/microsoft-365-copilot.md

ChatGPT Team / Business

Sample review for teams adopting a general-purpose AI assistant across knowledge work.

https://github.com/josediegorobles/ai-vendor-risk-review-kit/blob/main/reports/chatgpt-team.md

Notion AI

Sample review for AI-assisted workspace search, writing and internal knowledge management.

https://github.com/josediegorobles/ai-vendor-risk-review-kit/blob/main/reports/notion-ai.md

FOR PARTNERS

White-label available

I can deliver the technical memo behind the scenes for lawyers, HR consultancies, IT consultancies and trusted advisors who need a sober technical layer before their client buys or deploys an AI tool.

Law firmsHR consultanciesIT consultanciesBusiness advisors

SCOPE

Clear boundaries

This is not legal advice, not certification and not a pentest. It is a technical and procurement risk review to support a better buying or deployment decision.

Review an AI vendor before rollout

Send me the tool name, intended use case and the workflow it will touch. I will tell you quickly whether a 24–48h memo makes sense.

Email jose@josedrobles.com LinkedIn Calendly