Third-Party AI Risk
Supports high-risk vendor and model-service assessments referencing the NIST AI RMF, ISO/IEC 42001, and SOC 2 Type II with an RBAC configuration point, data redaction, secret DLP, citation checks, a configurable human-oversight point, and audit evidence.
This template is a configurable starting point and control mapping. It is not certification, legal advice, or a guarantee of compliance; validate it against your obligations and environment before use.
Global
3 references
4 mapped domains
Regulated SaaS, Private Cloud
Referenced Frameworks, Standards & Obligations
Mapped Control Domains
Deployment profiles
Get started in 3 steps
Open the template
Open the catalog entry in the Keeptrusts console and review its included controls, references, and deployment metadata.
Adapt the configuration
Use the template as a starting point, then adjust relevant policies, thresholds, routing, and review settings for your requirements.
Validate before rollout
Test every outcome you configure—such as allow, redact, block, or operator review—before deploying through a supported gateway workflow.
More Governance & Operations templates
Model Governance Registry
Model-registry controls for governed records, citation checks, a configurable human-oversight point, and auditability.
AI Disclosure & Transparency
AI-disclosure controls for protected data, citation checks, a configurable human-oversight point, and transparency evidence.
Shadow AI Discovery
Shadow-AI review controls for protected findings, citation checks, a configurable human-oversight point, and traceability.