Unit 7: Managing Vendor Risk – Compliance When You Don’t Own the Tool
Not all AI vendors are equally transparent or responsible. Look out for:
Black-box models – No visibility into how they work
No documentation – Missing training data info or system purpose
Lack of oversight – No clarity on human involvement or error handling
Unclear accountability – Who fixes issues if they arise?
No bias testing – Vendor doesn’t audit outputs or datasets
📌 Red flag: If a vendor can’t explain their system — pause before adoption.