AI Vendor Risk Index
Evidence-based risk scores for 56+ AI vendors. Security, compliance, transparency, privacy, and supply chain ratings built for CISOs, procurement teams, and AI governance leads.
Risk Dimensions Scored
Security
SOC 2 compliance, penetration testing, encryption standards, incident response, and vulnerability management across AI platforms.
Compliance
ISO 27001, GDPR, HIPAA, SOX, and industry-specific regulatory adherence. Certification tracking and audit history.
Transparency
Model documentation, training data disclosure, algorithmic auditing, and public reporting on safety evaluations.
Privacy
Data handling practices, retention policies, opt-out mechanisms, data processing agreements, and privacy-by-design implementation.
Supply Chain
Third-party dependency tracking, model provenance, SBOM availability, and upstream vendor risk propagation.
How Scores Work
Each vendor is scored 0–100 across five dimensions with letter grades (A+ to F). Scores are computed from public evidence including trust center pages, compliance certifications, security advisories, and transparency reports. All scoring criteria and evidence links are open source.
Featured Vendor Profiles
OpenAI
GPT-4, DALL-E, and API platform risk evaluation across all five dimensions.
Anthropic
Claude model family security posture, constitutional AI transparency, and compliance standing.
Google DeepMind
Gemini, PaLM, and Vertex AI platform risk scores with enterprise compliance tracking.
Meta AI
LLaMA open-weight model risk assessment, supply chain analysis, and licensing evaluation.
Microsoft
Azure OpenAI Service, Copilot, and enterprise AI platform security and compliance ratings.
Amazon Bedrock
AWS Bedrock multi-model platform risk scores, data handling policies, and compliance certifications.