Pricing

Buy one AI vendor review packet.

Use it when a customer, auditor, or internal approver asks about AI vendor data use, retention, subprocessors, DPA coverage, or Trust Center language. The packet gives your team a dated source trail, review questions, and PDF/CSV files to route before answering. Prices are in USD and taxes may apply.

Buy $199 packet Start with free scan

Buying path: create an account, confirm scope, then pay for the one-time packet.

Plain limits

Free sample: 3 vendors, sample report structure
Review packet: 10 vendors, one PDF and CSV packet
Self-serve purchase: One-time packet checkout
Payment model: One-time checkout, no renewal

Review packet

Self-serve

$199

One review packet with official source links for AI vendor commitment review.

Up to 10 vendors in scope
One PDF and CSV review packet
Source links, source coverage gaps, review questions, and next steps
No future alerts or source reviews are included after this packet

Buy $199 packet

Why packet first

When a customer asks for evidence, a full vendor risk platform is often too much for the immediate job. The first paid step is a concrete packet your security, privacy, legal, or founder reviewer can inspect.

Checkout buys the packet itself: one payment, one scoped review, and one PDF/CSV handoff you can attach to a ticket, SOC 2 evidence record, or customer-response workflow.

Skip the blank-page evidence hunt

Start from a packet that already groups vendor source links, reviewed dates, source gaps, and the customer commitment being checked.

Give reviewers something they can act on

Security, privacy, legal, and founder reviewers get the decision list, unknowns, and PDF/CSV handoff instead of a loose set of tabs.

Keep the answer defensible later

The packet preserves what was reviewed, what was still uncertain, and who needed to approve the answer before it went out.

Packet scope

One clear scope, one useful handoff.

The packet is priced and scoped for one concrete review job: enough vendor coverage to support a customer review or audit note without implying an ongoing vendor risk program. The checkout stays simple: one price, one packet, one-time payment.

When to buy

Buy when there is a specific customer review, SOC 2 evidence request, AI vendor approval, or questionnaire answer to support. The packet is meant to prepare the evidence and next decisions, not replace your final internal approval.

Offer model reviewed: May 23, 2026

What stays fixed

Price: $199, one-time payment
Scope: Up to 10 vendors in one review packet
Deliverable: One PDF and CSV review packet
Not included: Future alerts, legal approval, or a full vendor risk program

Why this scope works

A narrow packet is easier to judge before payment and easier to use after payment. More vendors, manual source refreshes, and future alert workflows need their own scope and price.

The packet should be easy to inspect before payment and easy to route after payment.

Good fit for this packet

Buy it when there is a concrete review job in front of you.

Customer review pressure
A customer, auditor, or internal approver is asking about AI vendors.
The packet is meant for teams that need to answer security questionnaires, SOC 2 vendor monitoring requests, AI approval reviews, or customer follow-up with cited vendor evidence.
Commitment drift risk
Your team has made customer-facing promises about vendor behavior.
It is useful when Trust Center, DPA, subprocessors, model-training, retention, or security statements depend on upstream AI/SaaS vendor sources.
Lightweight handoff
You need a review packet, not a new TPRM platform.
The output is designed to be forwarded to security, privacy, legal, or founder reviewers with review questions and evidence links already organized.

Not the right fit

These needs are real, but they call for a larger engagement or a full platform.

Legal opinion
You need counsel to approve customer wording.
AI Vendor Packet can prepare evidence and suggested review actions, but it cannot decide legal obligations or approve contract, DPA, Trust Center, or questionnaire wording.
Future alerts
You need alerts, digest emails, or a full vendor risk program.
The self-serve paid product is one packet. It does not include future alerts, digest emails, SSO, RBAC, or a full vendor intake and approval program.
Broad vendor program
You need a complete TPRM replacement across dozens of vendors.
The packet is intentionally narrow: up to ten selected vendors, official source checks, commitment review prompts, and exportable evidence.

Outside the base packet

Extra work is scoped separately.

The self-serve checkout covers one packet. Larger vendor sets, manual source refreshes, and future alert workflows are outside this offer so the scope stays clear before payment.

Manual scope boundaries

Request: Additional vendors
Current answer: You need more than ten vendors in one review.
Why: Extra vendors can change source coverage, report length, review time, and evidence quality.

Request: Manual source refresh
Current answer: A stale or failed official source blocks a customer-facing answer.
Why: Manual refresh work depends on the specific source gap and should not be implied by the base packet.

Request: Future alerts or full vendor program
Current answer: You need future alerts, digest emails, or a full vendor risk workflow.
Why: The current launch offer is one review packet, not a recurring service.

Request	Current answer	Why
Additional vendors	You need more than ten vendors in one review.	Extra vendors can change source coverage, report length, review time, and evidence quality.
Manual source refresh	A stale or failed official source blocks a customer-facing answer.	Manual refresh work depends on the specific source gap and should not be implied by the base packet.
Future alerts or full vendor program	You need future alerts, digest emails, or a full vendor risk workflow.	The current launch offer is one review packet, not a recurring service.

Review packet delivery

Know what you receive before paying.

A one-time review packet covers up to ten selected vendors. It is built to show which vendor evidence was checked, which customer commitment may need review, and what should happen next.

When evidence is incomplete

Unavailable source checks stay visible: If a vendor source cannot be checked, the report names the affected document as a source coverage gap instead of treating it as clean evidence.
Unknown applicability is preserved: When plan, region, agreement, model, or product-path scope is unclear, the report asks a review question rather than making a legal conclusion.
Human approval remains explicit: AI Vendor Packet organizes official-source review evidence and suggested review actions. It does not provide legal advice or final approval for customer answers.

Included in the packet

Vendor and commitment scope
The report starts with selected vendors, usage context, data categories, product path, and the customer commitments being checked.
Cited findings
Findings point to official vendor sources and separate live source evidence from clearly labeled sample or review prompts.
Review questions and next steps
Each material issue includes the question to answer before reusing a Trust Center statement, DPA exhibit, sales answer, or SOC 2 vendor note.
Review readiness checks
The report ends with a proceed-or-hold status that names source gaps, applicability questions, reviewer decisions, file readiness, and the final use limit.
PDF and CSV files
The PDF is meant for internal review. The CSV is meant for spreadsheet triage, owner assignment, and evidence tracking.

What happens after checkout

1Confirm the review scopeSelect the vendors that matter, then record product path, plan, data categories, and customer commitment language.
2Generate the report packetCreate the report after scope is ready. The packet records vendors, source checks, findings, source coverage gaps, limitations, and export links.
3Route the review workDownload PDF and CSV files, attach official source links, and assign the remaining review questions to security, privacy, legal, or founder reviewers.

Reviewer-ready proof

Before checkout, inspect the same acceptance gate the paid packet uses.

Checkout buys organized evidence for a real review, not a rubber stamp. The report should say whether it can move forward internally or should stay on hold because source, applicability, owner-decision, or file blockers remain.

A proceed status means the report is organized for internal review. It does not approve customer language, certify a vendor, or replace legal, security, privacy, or compliance review.

Acceptance proof before payment

These are the checks you should expect to see in the packet before treating it as ready for internal review.

Proof: Final review status
Review question: Will we know whether to forward the report internally or hold it?
Report section: Review readiness checks

Proof: Source-gap holds
Review question: Will broken, stale, or not-checked official sources stay visible?
Report section: Source coverage and citations

Proof: Assumption holds
Review question: Will plan, product path, region, agreement, or data-category unknowns be named?
Report section: Applicability checks

Proof: Decision trail
Review question: Will each material finding have a decision path?
Report section: Decision register

Proof: Archive-ready files
Review question: Will the report say what to attach to the system of record?
Report section: Report cover sheet and files to attach

Proof	Review question	Report section
Final review status	Will we know whether to forward the report internally or hold it?	Review readiness checks
Source-gap holds	Will broken, stale, or not-checked official sources stay visible?	Source coverage and citations
Assumption holds	Will plan, product path, region, agreement, or data-category unknowns be named?	Applicability checks
Decision trail	Will each material finding have a decision path?	Decision register
Archive-ready files	Will the report say what to attach to the system of record?	Report cover sheet and files to attach

Buying path

Create an account, confirm scope, then pay.

Clicking Buy $199 packet sends you through account creation or login, workspace selection, and billing. That keeps the paid packet tied to the vendor scope, report files, and owner record.

The checkout buys one packet for one review. Use the exported PDF/CSV for internal routing; keep final customer wording with your legal, security, privacy, or compliance owner.

Before checkout

Make sure the packet fits the review you have.

The cleanest purchase is one where vendor scope, customer commitment language, and an internal reviewer are known before the packet is generated.

Pre-purchase checklist

Sample reviewed: Open the sample report, PDF, and CSV before buying so the structure is clear.
Vendor scope fits: Confirm the paid report limit covers the vendors that matter for this review.
Usage context is known: Have product path, plan, data categories, region, and customer commitment language ready before generating the packet.
Internal reviewer exists: Assign a security, privacy, legal, compliance, or founder reviewer who can make the remaining decision after evidence is collected.

Trust checks before payment

Official sources only: Material vendor facts should come from official vendor documentation or another clearly identified primary source. Unsupported facts become limitations or review questions.
Reviewed dates stay visible: Public pages and packets should show reviewed dates so a buyer can tell whether source checks are current enough for their review.
Sample files are available before checkout: The sample PDF and CSV show the report structure, source links, first decisions, action plan, claim/evidence table, and limitations before a buyer pays.
Clear source-gap handling: If an official source is stale, broken, or not applicable to the selected product path, the packet should preserve that gap and be corrected before being reused as evidence.

Source freshness

The packet should not ask you to trust stale source evidence.

For packet evidence, critical AI and SaaS vendor sources should show a recent reviewed date. Material vendor notices, Trust Center updates, DPA changes, subprocessor notices, and customer-reported changes should be checked before the packet is reused externally.

Freshness operating model reviewed: May 22, 2026

Official-source boundary

Source evidence should come from official vendor documentation, Trust Center pages, product documentation, DPAs, or clearly identified primary vendor notices.

Recent review date

Sources used in a paid packet should have a visible reviewed date and should be rechecked before they are reused for a new customer answer.

Urgent-change handling

Material vendor notices, broken source links, DPA updates, subprocessor notices, and customer-reported source changes should be routed to the relevant owner before reuse.

Stale-source warning

A source older than 60 days, missing a reviewed date, or failing the latest source check should be marked for review before the packet is reused externally.

Need the sample first?

Run the free scanner, review the sample, then buy the packet when you have a customer review, SOC 2 record, AI approval, or questionnaire answer to support.

Last reviewed: May 23, 2026

Buy $199 packet Open scanner Read methodology