Unit 7: Managing Vendor Risk – Compliance When You Don’t Own the Tool
Scenario: A university uses a third-party AI tool to rank student applications.
Problem: The tool favours students from private schools due to biased training data.
Response:
Vendor was required to submit a fairness audit
Contract was updated to require ongoing monitoring
Human reviewers were added to approve final decisions
Outcome: Risk reduced, and student trust restored
