A procurement-grade questionnaire for buyers of AI systems under Regulation (EU) 2024/1689 and Directive (EU) 2022/2555. Each question is mapped to a concrete obligation that flows through to the deployer or to the buying entity as an essential/important NIS2 entity. Score each answer 0–3 using the rubric below; treat anything 1 or below as a contract-negotiation lever.
Scoring scale (0–3)
| Score | Meaning | What it requires |
|---|---|---|
| 3 | Strong evidence | Question answered in writing, evidence attached, no follow-up needed. |
| 2 | Acceptable with caveat | Answered, but with a caveat the deployer accepts and documents in the procurement file. |
| 1 | Partial / commitment-only | Vendor commits to provide later. Acceptable only with a target date and an escalation owner. |
| 0 | Missing or refused | No answer or explicit refusal. Either kills the deal or becomes a contractually documented residual risk signed off by the executive sponsor. |
A — Legal status and classification
Establishes whether the vendor has done the threshold work that the buyer's Article 26 obligations rely on.
A1 — Is the system classified as high-risk under Annex III? If yes, which point and sub-point? Why it matters: Drives the entire deployer obligation set under Article 26 of Regulation (EU) 2024/1689.
A2 — Has the vendor placed the system on the EU market as a provider, and is there an EU Declaration of Conformity? Why it matters: Article 47 EU DoC is the document the buyer needs to evidence Article 26(1).
A3 — Is the system CE-marked where applicable? Why it matters: Article 48 CE marking is the visible regulatory signal that conformity assessment was completed.
A4 — If the provider is established outside the EU, is there an authorised representative in the Union per Article 22? Why it matters: Without an EU representative, enforcement is uncertain and the deployer carries more residual risk.
A5 — What is the vendor's intended-purpose statement, verbatim? Why it matters: Off-purpose use can reclassify the deployer as a provider under Article 25 and trigger Annex IV obligations.
B — Technical documentation (Annex IV)
Annex IV lists the nine sections of technical documentation a provider of a high-risk AI system must hold. The deployer needs enough of it to operate the system correctly and to respond to authority enquiries.
B1 — Will the vendor share the Annex IV technical documentation, or a summary sufficient for the deployer's Article 26 duties? Why it matters: Some vendors withhold the full file as trade secret; a deployer-grade summary is acceptable per Article 11(2).
B2 — Does the documentation include the design choices, training/validation/testing data characteristics and metrics required by Annex IV? Why it matters: Required by Annex IV points 2 and 3.
B3 — What standards has the system been assessed against (harmonised standards, common specifications)? Why it matters: Annex IV point 7 — declared standards drive the conformity-assessment presumption.
B4 — What is the post-market monitoring plan and how will deployers be notified of material changes? Why it matters: Annex IV point 9 plus Article 72 — the deployer needs the change-notification channel in writing.
B5 — What output logging is automatically generated, and how can the deployer retrieve logs for the Article 26(6) 6-month minimum? Why it matters: Article 26(6) — log access is a recurring procurement failure.
C — Article 26 deployer-facing artefacts
What the vendor must actively deliver to make the buyer's Article 26 compliance possible.
C1 — Are the Article 13 instructions for use complete and in a language the deployer understands? Why it matters: Article 13 is the legal anchor for the deployer's Article 26(1) duty.
C2 — Does the system support human oversight in the form described by the provider per Article 14? Why it matters: Article 14 design choices determine what oversight role the deployer can credibly staff.
C3 — Will the vendor cooperate on serious-incident reporting per Article 73 — within what SLA? Why it matters: Deployer must report serious incidents without undue delay; vendor cooperation is operational reality.
C4 — Does the vendor provide the Article 13 information the deployer needs for the GDPR DPIA per Article 26(9)? Why it matters: Saves the deployer from re-deriving information already held by the provider.
C5 — What evidence will the vendor provide to support the deployer's Article 26(4) input-data duty for fields the deployer controls? Why it matters: Input-data relevance is a shared workflow even though the legal duty sits with the deployer.
D — Data protection (GDPR)
AI Act compliance is necessary but not sufficient. GDPR runs in parallel, and the procurement contract has to lock in both.
D1 — Is there a GDPR Article 28 data processing agreement (DPA) in place? Why it matters: Foundational — without a DPA the deployer cannot lawfully use the vendor as a processor.
D2 — Are sub-processors listed, with locations and onward-transfer mechanism? Why it matters: GDPR Chapter V — transfers outside the EEA need a valid mechanism (adequacy, SCCs + TIA).
D3 — What is the legal basis the vendor relies on for any processing done as a controller (e.g. model improvement)? Why it matters: If the vendor processes for its own purposes, the deployer's controller risk changes materially.
D4 — What are the data retention and deletion commitments per data category? Why it matters: Aligns to the deployer's GDPR Article 5(1)(e) storage-limitation duty.
D5 — How does the vendor handle data-subject rights requests routed via the deployer? Why it matters: Required to make the deployer's GDPR Article 12 response capability credible.
E — NIS2 supply-chain security (Article 21)
If the buyer is a NIS2 essential or important entity, Article 21(2)(d) supply-chain duties flow through to every AI vendor.
E1 — Is the vendor itself in scope of NIS2 (essential or important entity) or any equivalent sectoral regime such as DORA? Why it matters: Determines the level of cyber assurance the vendor must already hold.
E2 — What information-security certifications does the vendor hold (ISO/IEC 27001, SOC 2 Type II, ENS, others)? Why it matters: Operational evidence supporting the buyer's Article 21(2)(d) supplier assessment.
E3 — What is the vendor's incident-notification commitment to customers, and within what timeframe? Why it matters: The buyer's NIS2 Article 23 24-hour clock depends on timely vendor notification.
E4 — Does the vendor enforce multi-factor authentication, encryption in transit and at rest, and a secure-development lifecycle? Why it matters: Article 21(2)(j) authentication and Article 21(2)(e) secure-acquisition obligations.
E5 — When was the last independent penetration test or red-team exercise, and is the executive summary shareable? Why it matters: Demonstrable cyber-hygiene evidence for Article 21(2)(g).
F — Contract and exit
Procurement clauses that make the rest of the schema enforceable.
F1 — Is there an audit / inspection right for the buyer or the buyer's regulator? Why it matters: Without it, Article 21(2)(d) supplier oversight and Article 26(12) authority cooperation are theoretical.
F2 — What are the price-change, scope-change and termination-for-convenience terms? Why it matters: Material to total cost of ownership and to exit risk.
F3 — What are the data export, model-output portability and termination-assistance provisions? Why it matters: Avoids lock-in and supports replacement-vendor onboarding.
F4 — What is the liability cap, and does it carve out IP-infringement and confidentiality breaches? Why it matters: AI vendors increasingly cap liability at 12-month fees; IP carve-outs matter where training-data provenance is unclear.
F5 — Is there a regulatory-change clause obliging cooperation as the AI Act, NIS2 and Digital Omnibus evolve? Why it matters: Regulatory posture in 2026–2027 will keep shifting; the clause prevents costly re-negotiation.
How to use the schema
- Issue the 30 questions in your RFP / RFI rather than negotiating them after vendor selection. Earlier is cheaper.
- Score each answer 0–3. Anything scoring 1 or below is a negotiation lever or a documented residual risk — not a silent acceptance.
- Attach the completed schema to the procurement decision file. Auditors and competent authorities under both regimes will accept a contemporaneous scoring record as evidence of due diligence.
- Re-score annually and after any provider version upgrade that touches the intended purpose, the training data composition or the human-oversight design.
- Map the lowest-scoring vendor gaps to your own Article 26 evidence pack — sometimes the deployer can compensate for vendor weakness with extra organisational controls; sometimes not.
Pricing context
Penalties for non-compliance are non-trivial. Annex IV technical-documentation failure can attract up to EUR 15 million or 3% of worldwide annual turnover (whichever is higher) under Article 99(4) of the AI Act. Article 5 prohibited-practice breaches go to EUR 35 million or 7%. NIS2 Article 34 sets up to EUR 10 million or 2% for essential entities, EUR 7 million or 1.4% for important. Vendor due diligence is one of the cheaper ways to reduce that exposure.
Sources
- Regulation (EU) 2024/1689 (AI Act), Articles 11, 13, 14, 22, 25, 26, 47, 48, 72, 73, 99 and Annexes III, IV — https://eur-lex.europa.eu/eli/reg/2024/1689/oj
- Directive (EU) 2022/2555 (NIS2), Articles 21, 23, 34 — https://eur-lex.europa.eu/eli/dir/2022/2555/oj
- Regulation (EU) 2016/679 (GDPR), Chapters IV–V (controllers, processors, transfers).
- European Commission AI Act Service Desk; ENISA NIS2 supply-chain guidance.
Note: PowerQuant supplies templates and documentation for use in your internal procurement process — not legal advice. Liability caps, IP carve-outs and regulatory-change clauses are jurisdiction-specific; engage your legal counsel for contract drafting.
PowerQuant Module 2
Procurement evidence pack: filled vendor questionnaire, scored against this 30-question schema, plus the Article 26 deployer evidence that compensates for vendor gaps. 14–21 working days.