AI Vendor AI-Risk-Assessment Narrative: Drafting Procurement-Stage Memos

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-ethics-ai-and-vendor-ai-risk-assessment-narrative-r7a3-creators

1. What is the primary function of AI when drafting procurement-stage AI-risk narratives for vendor assessment?

   1. Independently testing and verifying the accuracy of vendor claims about their AI system
   2. Replacing legal counsel in reviewing contractual due diligence requirements
   3. Summarizing vendor model cards, data flows, and residual-risk picture into a coherent narrative
   4. Making the final accept-or-reject decision about whether to purchase the AI system

2. Who holds the responsibility for making the final accept-or-reject decision in AI vendor procurement?

   1. Risk and procurement teams
   2. The AI developer who created the system
   3. The AI system drafting the risk narrative
   4. The vendor selling the AI system

3. Why should vendor model cards be treated as claims rather than verified facts during procurement?

   1. Vendors may not fully disclose limitations or potential failure modes in their model cards
   2. AI systems can independently verify model card contents
   3. Model cards are required by law to be completely accurate
   4. Model cards are legally binding documents that cannot be disputed

4. In the context of an HR-screening tool procurement, what should an AI-generated risk memo include?

   1. A decision on whether to hire the vendor
   2. The complete technical source code of the vendor's AI model
   3. A ranking of the vendor against competitors
   4. A model-card summary, data-flow diagram description, residual-risk frame, and proposed contract clauses

5. What specific task can AI NOT perform in the vendor AI-risk assessment process?

   1. Replacing contractual due diligence performed by counsel
   2. Rendering data-flow and residual-risk summaries crisply
   3. Summarizing information from the vendor's model card
   4. Drafting a narrative that follows an institutional vendor-AI risk framework

6. What role does human legal counsel play in AI vendor procurement that AI cannot fulfill?

   1. Drafting initial narrative drafts for review
   2. Organizing data-flow information into a readable format
   3. Summarizing the vendor's model card information
   4. Interpreting contractual language and assessing legal risk exposure

7. What does the residual-risk frame in a procurement memo describe?

   1. Risks that have been completely eliminated by the contract
   2. Risks that remain after proposed mitigation measures are implemented
   3. The vendor's financial risk exposure
   4. The total risk of using the AI system

8. Why is the data-flow component important in an AI-risk assessment memo?

   1. It determines the cost of the AI system
   2. It describes how data moves through the system and where privacy or security risks may arise
   3. It identifies who will use the AI system
   4. It is required by government regulations

9. What is a model card in the context of AI vendor procurement?

   1. A legal contract between the buyer and vendor
   2. A standardized document providing technical details about an AI model's capabilities and limitations
   3. A marketing brochure from the vendor
   4. A credit check document for the vendor company

10. An organization is procuring an AI system for customer service chatbots. The vendor's model card shows 85% accuracy. What should the risk team do with this information?

    1. Reject the vendor immediately since 85% accuracy is too low
    2. Use AI to summarize this information in the risk narrative while the team independently tests the claim
    3. Accept the vendor's accuracy claim as verified fact
    4. Replace the model card with the organization's own testing results

11. What distinguishes AI's role from human decision-makers in procurement-stage risk assessment?

    1. AI synthesizes and summarizes information; humans make judgments and decisions
    2. AI can assess legal liability while humans cannot
    3. AI and humans perform identical functions in the assessment process
    4. AI identifies risks while humans only review contracts

12. What type of information would NOT typically appear in a procurement-stage AI-risk memo?

    1. Description of how data moves through the AI system
    2. The final purchase decision and approval signatures
    3. Summary of the vendor's model card details
    4. Identification of remaining risks after proposed mitigations

13. Why is it insufficient for an organization to rely solely on an AI-generated risk narrative without human review?

    1. AI-generated narratives are always technically inaccurate
    2. Human review is required by law in all jurisdictions
    3. Human judgment is needed to interpret findings, assess legal implications, and make contextual decisions
    4. AI systems cannot write narratives about technical topics

14. What does it mean that vendor model cards are 'claims' rather than verified information?

    1. Vendors may present their AI's capabilities in the best possible light without independent verification
    2. Model cards cannot be used in legal proceedings
    3. AI systems automatically validate model card contents
    4. Model cards are government-certified documents

15. Which stakeholder is responsible for testing and verifying vendor claims in an AI procurement process?

    1. The vendor's sales team
    2. The AI system that drafted the narrative
    3. The organization's risk team and legal counsel
    4. The government regulatory agency