AIUC-1
Vendor Questionnaire
Top 10 Concerns
for AI Applications and AI Agents
Based on the AIUC-1 Framework and extensive research into best practices and emerging risks, this questionnaire helps organizations, businesses, and enterprises assess AI vendors—especially those whose systems generate content, automate decisions, or interact with users.
Our Top 10 Concerns subset highlights the most urgent and consequential risks AI buyers are beginning to surface—but often aren’t yet sure how to evaluate or respond to. These questions reflect real-world harms, regulatory expectations, and the issues increasingly shaping enterprise procurement and policy reviews.
Top 10 Vendor Concerns
A1
Mitigate generation of harmful outputs
For the purposes of this questionnaire, harmful outputs include responses from your AI system that may cause emotional distress, reinforce dangerous behavior, enable unsafe decision-making, or violate expectations in high-risk domains such as health, finance, or law. This includes both direct harms (e.g., offensive language, risky advice) and indirect harms (e.g., escalation of user distress, poor refusal behavior, or unsafe tone modulation).
1. Do you maintain a harm severity taxonomy to classify and triage AI-generated outputs? Describe the harm tiers or levels (e.g., low, moderate, severe), the criteria used to assign severity, and provide representative examples of each level. If available, include documentation or policy artifacts.
2. How do you evaluate your AI system’s behavior in response to emotionally charged prompts, such as distressed or angry user inputs? Describe the evaluation methodology and frequency. Provide examples of actual responses to both distressed and angry prompts.
3. What measures are in place to prevent escalation, de-escalate risk, or appropriately hand off to humans?
4. Does your AI system provide responses in high-risk domains such as health, financial, or legal topics?
   a. If yes, describe the types of responses typically provided and the guardrails or safeguards in place (e.g., disclaimers, refusal patterns, escalation triggers).
   b. If no, describe how the system avoids or refuses to engage in these topics. Provide sample responses.
   c. In either case, describe your audit process for reviewing the AI’s behavior in high-risk domains. Include recent findings if available.
5. Do you conduct regular audits or reviews focused on harmful or risky outputs in high-risk deployment domains? Describe audit frequency, scope, who conducts the reviews, and how findings are documented and remediated.
A4
Run third-party safety testing regularly
1. How often do you conduct third-party safety testing or AI red-teaming for your products, and who performs them? Include the date and scope of your most recent engagement.
2. What were the key findings from your most recent third-party red-teaming? How were the identified vulnerabilities prioritized and addressed?
3. How do you verify that remediation efforts were effective? Include any re-testing procedures, signoff steps, or validation metrics used.
4. What criteria, standards, or protocols do your third-party testers follow during their evaluations? For example: AIUC-1, OWASP, MITRE, or internal red-teaming frameworks.
5. Do you track whether red-teaming results lead to safety improvements in your product? Describe how learnings are used in future development cycles or governance reviews.
6. Have you undergone any audits or assessments specifically focused on your third-party testing or red-teaming program? Include timing, scope, and outcomes of any external evaluations.
C1
Promise customers they own AI outputs
For the purposes of this questionnaire, AI outputs refer to any model-generated content—text, code, scores, classifications, summaries, or recommendations—produced using input data provided by the buyer (us) or the buyer’s end users. This includes core product outputs as well as secondary outputs used in analytics, tooling, or internal processes.
1. How do you categorize AI outputs across your product and internal systems? Include both core product outputs and auxiliary outputs such as classifier results, analytics summaries, internal model logs, or retraining artifacts.
2. For each category of AI output, provide the following:
   a. Name of the output category
   b. A representative or illustrative example
   c. Who owns the AI output
   d. How the AI output is used (especially if repurposed beyond the user-facing product)
   e. How the output is stored and retained (include links to documentation or relevant user-facing policies)
3. Do you offer any contractual guarantees regarding AI output ownership, usage, or storage? If so, please provide the relevant contract language (e.g., MSA, DPA) or summary.
4. What operational or technical measures are in place to ensure compliance with your AI output ownership policy?
5. Have you conducted any third-party audits or internal assessments of compliance with your AI output ownership policy in the past 12 months? If yes, provide details and summaries of findings or remediation actions.
6. How will you communicate changes to your AI output ownership policy to us? Provide examples of recent updates and describe how they were communicated (e.g., dashboard notices, email, legal addenda).
C2
Don’t train on customer data without consent
1. Do you have a formal policy governing how customer or end-user data is used for AI training? Please summarize the policy and specify:
   a. Whether blanket consent is applied by default
   b. When explicit, case-by-case consent is required
   c. Whether consent can be retracted, and in what circumstances
   d. Whether (and how) we or our end users will be notified of policy changes
2. Are your AI training practices and consent requirements documented in our contract? If so, provide the relevant language from your MSA, DPA, or other contractual documents that describes limits on training, consent terms, or disclosure obligations.
3. How can we request the deletion of customer data previously used or eligible for AI training? Describe the process, timing, confirmation of deletion, and any exceptions.
4. How can our customers or end users request deletion of their data if it has been used for AI training (or could be)? Describe the available mechanisms, whether this is self-service or mediated through us, and any restrictions or limitations.
D1
Clearly identify AI-generated content, conversations, and decisions
Answer the following questions where applicable based on your product’s capabilities. If a feature (e.g., generative content, AI-driven conversations, or automated decisions) does not apply to your system, you may indicate that clearly and skip the corresponding question.
1. How is AI-generated content labeled in your product? Describe the visual or textual indicators used (e.g., banners, icons, badges). Are these labels configurable or removable by us or by our end users? Please include examples, screenshots, or documentation if available.
2. Do you provide a disclosure statement at the beginning of AI-driven conversations (e.g., chat, voice, or phone-based interactions)? Describe when and how this disclosure is presented. Include representative language or transcripts if available.
3. Do you label or disclose when AI is involved in automated decision-making (e.g., filtering, ranking, approvals)? If so, describe the form and placement of the disclosure. Include examples of how this appears to users or affected individuals.
4. How do you manage updates to your labeling and disclosure practices? Describe how these updates are tracked and deployed, and how you ensure they remain compliant with emerging governance or regulatory requirements.
D3
Assess AI vendors for security, privacy, and compliance
For the purposes of this questionnaire, a third-party AI vendor is an external service provider that processes, transmits, or stores customer data on behalf of the primary AI system provider and applies generative artificial intelligence models to that data. These vendors typically qualify as subprocessors under data protection frameworks (e.g., SOC 2, GDPR), but this designation is limited here to those whose core function involves the use of AI systems—such as hosted foundation models, AI-powered feature layers (e.g., summarization, classification), or embedded LLM infrastructure. For each third-party AI provider, please describe:
1. The name of the vendor and a brief description of their role and the function they support within your system.
2. Whether this vendor’s obligations are established through contractual agreements in place with us. Please provide snippets from the MSA, DPA, or other documentation that outline these agreements.
3. Whether this vendor has a contract or policy with you that explicitly prohibits them from using or training on our data without our prior written consent. Describe how this policy is enforced in practice.
4. Whether this vendor processes our personally identifiable information (PII), and whether there are contractual or technical controls that restrict PII processing, require redaction, or enforce data minimization.
5. Whether this vendor retains any user or system data, including for logging, auditing, or debugging purposes. If so, describe the types of data retained, the retention period, and whether it is linked to identifiable users.
6. What security certifications this vendor holds (e.g., SOC 2, ISO 27001). Please provide documentation or attestations for each certification.
7. Whether this vendor is contractually required to disclose changes in their security posture or risk profile, and how these changes are communicated to you and to us.
8. How this vendor is assessed on an ongoing basis against security, privacy, and responsible AI practices. Include frequency and scope of reassessment.
9. Whether there have been incidents or non-compliance issues involving this vendor in the past 24 months. If so, describe the issue and the remediation steps taken.
10. In which geographic regions this vendor operates its AI infrastructure (including training, inference, and fine-tuning workloads).
11. Whether this vendor has technical or procedural mechanisms in place to mitigate harmful outputs, adversarial prompts, or adversarial attacks (e.g., prompt injection, model exploitation). Please provide evidence of these safeguards, such as evaluation results, internal documentation, red-teaming summaries, or system design descriptions.
12. Whether this vendor has technical or procedural mechanisms in place to mitigate high-severity misuse risks, including (a) Deception or influence operations; (b) Cyber exploitation (e.g., vulnerability discovery, malware generation); and (c) Catastrophic misuse (e.g., CBRN, autonomous weaponization). Provide evidence of these safeguards, such as evaluation results, misuse red-teaming reports, policy thresholds, or internal documentation outlining how these scenarios are detected and handled.
13. Whether this vendor is subject to export controls related to AI models or infrastructure (e.g., U.S. EAR, ITAR). If so, describe how you confirm compliance.
D4
Align with AI regulation and bias/anti-discrimination law
This section focuses on how your organization tracks and complies with laws that govern AI systems, including both AI-specific regulations (e.g., EU AI Act, NYC AEDT Law) and general anti-discrimination or bias-related laws (e.g., GDPR, civil rights legislation, sector-specific rules in employment or finance). These laws may require obligations such as explainability, fairness, impact assessments, or public disclosures. Please answer the following questions based on your applicable systems and use cases.
1. Which AI-related or anti-discrimination laws does your organization consider your systems subject to? For each law or regulation you’ve identified (e.g., EU AI Act, NYC AEDT Law, GDPR Article 22), describe the relevant AI use cases and how you determined the law applies.
2. How do you monitor and manage your compliance obligations across different laws and jurisdictions? Describe the process for tracking compliance status, reviewing changes in regulatory requirements, and updating internal policies.
3. Do you have a team or function responsible for managing legal and regulatory risks related to AI and bias? If yes, describe its structure, responsibilities, and how it collaborates across legal, engineering, and product teams.
4. How can users, customers, candidates, or other affected individuals report concerns related to discrimination or fairness in your AI systems? Describe how these reports are submitted, reviewed, and resolved.
5. Do you perform legal or policy reviews of high-risk AI use cases before deployment? If yes, describe the criteria for what constitutes a high-risk use case, what the review process entails, and who is responsible for conducting it.
E2
Mitigate hallucinations
1. What techniques do you employ to detect or flag hallucinated or unreliable content in your AI product? Please provide documentation or examples of how these techniques are implemented in production, including any filtering, scoring, or user-facing indicators.
2. Does your system provide source attribution or citation for factual claims? If so, please describe how this feature works and include screenshots or UI examples. Indicate whether the citation is programmatically enforced, user-optional, or available on request.
3. What features or design choices have you implemented to help users understand when an AI-generated claim may be inaccurate, uncertain, or unsupported? This may include confidence signals, visual disclaimers, retrieval grounding, or prompt-based disclaimers. Please describe and provide examples.
4. How have you evaluated your system's performance in reducing or identifying hallucinations? Include any structured evaluations of (a) Factual accuracy (e.g., correctness against ground truth); (b) Logical consistency (e.g., internal contradictions or unsupported inferences); and (c) Structural integrity (e.g., broken references, incomplete citations, jumbled summaries). Please share findings, metrics, or reports from the past 12 months if available.
E3
Classify AI failures by severity and respond with internal review, customer disclosure, and support practices
1. How do you define and categorize AI incidents? Describe what constitutes an AI-related incident under your policy, including examples (e.g., model failures, tool misuse, safety violations, regulatory exposure). Explain how incidents are classified by severity and how these differ from routine product issues or bugs.
2. Do you maintain a severity-based incident response plan for AI failures? Describe how your AI incident response plan is structured. Include the severity tiers you use, how impact is assessed, and the corresponding escalation and resolution actions for each tier. Provide illustrative scenarios if available.
3. How do you conduct post-incident reviews for significant AI incidents? Detail your process for reviewing serious AI failures. Include when a review is triggered, who participates, how findings are documented, and how identified changes are tracked and implemented. Summarize a recent review (if shareable) to illustrate.
4. What is your process for disclosing high-impact AI incidents to customers? Describe the conditions under which customers are notified of AI incidents. Include how you determine materiality, what information is shared, the timeline for notification, and how ongoing transparency is maintained during resolution.
5. What commitments do you make to customers regarding AI failure response and support? Explain how you communicate and uphold your AI incident response commitments including:
   a. Operational support (e.g., service-level agreements, incident response timelines)
   b. Legal practices (e.g., notification obligations)
   c. Financial remedies (e.g., indemnities, credits, insurance coverage)
F1
Prevent AI behaviors that mislead or manipulate users
For the purposes of this questionnaire, deceptive AI behavior refers to outputs that may cause users to misinterpret the model’s identity, authority, intent, or emotional state. This includes impersonation, claims of false credentials, simulated trust or empathy, or language that may manipulate or unduly influence users. The questions below assess your safeguards against these risks.
1. How do you prevent your AI system from generating outputs that simulate identity, credentials, or emotional intent?
   a. Describe any refusal behaviors, prompt filters, or tuning approaches used to block impersonation, false authority, or emotional simulation.
   b. Include examples of restricted roles (e.g., “as a doctor…”) or blocked capabilities that address deception risk.
2. Do you monitor for AI-generated outputs that could mislead or manipulate users?
   a. Describe any logging or flagging systems in place for suspected manipulative or misleading outputs.
   b. How often are these logs reviewed, and by whom?
   c. What actions are taken based on the findings (e.g., retraining, escalation, updates)?
3. How do you assess whether your AI system tends to mislead users about its capabilities, authority, or identity?
   a. Describe any evaluations, audits, or scenario testing conducted to identify user-facing deception risks.
   b. Do you evaluate for patterns like simulated authority, emotional influence, or trust-building language?
4. What internal policies or operational practices guide how you address AI-driven deception or manipulation risks?
   a. Do you maintain internal guidance or design principles that prohibit certain types of outputs?
   b. How are these policies communicated across product, engineering, and safety teams?
5. Have there been any known incidents of your AI system misleading users through its outputs? If yes, describe the incident(s), how the issue was detected, and what mitigations were implemented to prevent recurrence.