Prepare these twelve answers before diligence calls and you will shorten security review by weeks.
1. AI inventory and owners. 2. Data classification for prompts and logs. 3. Prompt injection testing summary. 4. Vendor list with DPAs. 5. Incident response plan including AI scenarios.
6. Acceptable use policy. 7. Model change management (how you evaluate new models). 8. Access controls for internal AI tools. 9. Retention and deletion for conversation logs.
10. Bias/fairness approach if applicable. 11. Regulatory mapping (state AI laws, sector rules). 12. Roadmap for the next 90 days.
Missing more than four items triggers deeper technical diligence or a security bridge loan condition. A $2,000–$3,500 compliance snapshot closes most gaps in two weeks.
Book a free 30-minute call if you want a gap analysis against this list before your next fundraise.
Related reading
Put this into practice
Book a free call or start with an AI Risk Health Check from $1,500.