20% of EU enterprises used AI in 2025, up from 13.5% (Eurostat, 2025)

63% of organizations have no AI governance policy (IBM, 2025)

78% of people who use AI at work bring their own tools (Microsoft & LinkedIn, 2024)

A tool adopted in two minutes can hold an access grant to company data for years before anyone reads its terms.

what AI tool vetting is

AI tool vetting is the process of evaluating an AI product before adding it to your approved-tool list. The goal is to understand whether the tool's data handling terms are compatible with your obligations to customers, employees, and regulators, and whether the vendor has put in place the controls that responsible use requires.

Vetting means answering a defined set of questions consistently, before a tool is used with company data. A full security audit of every tool is not required. The questions cover data processing agreements, training-on-data policies, data residency, enterprise mode availability, and relevant security certifications.

A vetting process that produces documented answers also creates an audit trail. When a regulator, auditor, or enterprise client asks how AI tools are governed, a completed vetting record for each approved tool is a factual answer.

why AI tools enter the stack without being vetted

Most unvetted adoption follows the same few paths.

The tool is free and frictionless. A free-tier AI tool that an employee can start using in a browser within two minutes does not generate an IT ticket or a procurement request. There is no moment where a vetting decision was consciously skipped. The decision was never triggered.

The pace of the market outstrips the pace of review. New AI platforms, plugins, and integrations appear every week. An IT team without a defined, lightweight vetting process is unlikely to evaluate tools faster than they arrive. The backlog grows, and in the meantime people use what works.

No one owns the process. If it is unclear who is responsible for vetting AI tools and what the approval pathway looks like, requests either go nowhere or are escalated to a level that creates delays. Both outcomes push employees toward using tools informally rather than waiting.

what using unvetted AI tools exposes you to

The exposure from an unvetted AI tool depends on what access the tool holds and what the vendor's terms allow.

Training on your data. Consumer-tier and many mid-tier AI tools use inputs to improve their models by default. An employee using such a tool may be contributing company data to an external training dataset, permanently, without the organization's knowledge or consent. Enterprise plans that disable this behavior exist but require active procurement and often a price increase.

No DPA. GDPR requires a data processing agreement when personal data is transferred to a third party. A consumer AI tool used with customer or employee personal data, without a DPA in place, creates a compliance gap. The tool being widely used and well-regarded does not resolve this.

Unknown data residency. Where data is stored and processed matters under GDPR and under some sector-specific regulations. A tool that routes data through infrastructure outside the EU may not align with your obligations, regardless of how useful the tool is.

Broad OAuth scopes. Many AI productivity tools request OAuth access to email, documents, and calendar when a user signs up. Those scopes are often broader than the use case requires. An unvetted tool that holds broad access to company email has an attack surface proportional to that access.

what works

Most reviews come down to five questions, asked the same way every time: does the vendor provide a DPA, are inputs used to train the model, where does the data reside (EU or not), is there an enterprise or business plan that disables training, and which security certifications the vendor holds, with ISO 27001 and SOC 2 as the usual reference points. The intensity of the review then follows the data. A tool that only ever processes public or non-sensitive internal material needs a lighter pass than one handling customer personal data or NDA-covered content, and matching effort to risk is what keeps the process fast enough to be used at all.

The answers are worth little if they evaporate. A central record, a simple spreadsheet or a row in the IT service management tool, turns each review into an audit trail that answers regulators, auditors, and enterprise clients asking how AI tools are governed. A named process owner and a stated turnaround keep requests from disappearing into a queue, because a queue with no exit is what drives informal adoption in the first place.

Two extensions make the framework complete. Vetting runs backward as well as forward: the IdP's OAuth grant list shows the tools already in use that were never submitted for review, and the ones holding broad access to mail or documents are the natural place to start. And approved tools get re-reviewed on an annual cycle, because vendors change their terms, and a tool approved two years ago under one data processing policy may operate under different terms today.
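The backward pass and the annual re-review described above, as an added example that is not part of the original page: the script takes a constructed IdP OAuth grant export and a constructed vetting register holding the five answers per approved tool, lists the apps that were never reviewed (broadest mail/document/calendar access first), flags approved apps whose review is older than a year, and reports which of the five questions came back unfavourable. The scope names, app names and register layout are assumptions, not any vendor's real format.

```python
from datetime import date

# Constructed sample of an IdP OAuth grant export: app name and granted scopes.
GRANTS = [
    {"app": "MeetingBot", "scopes": ["calendar.read"]},
    {"app": "NoteSummarizer", "scopes": ["mail.read", "files.readwrite"]},
    {"app": "DocDraft", "scopes": ["files.read", "profile"]},
    {"app": "SlideHelper", "scopes": ["profile"]},
]

# Constructed vetting register: the five answers and the review date per approved app.
REGISTER = {
    "DocDraft": {"dpa": True, "trains_on_inputs": False, "eu_residency": True,
                 "training_off_plan": True, "certs": ["ISO 27001", "SOC 2"],
                 "reviewed": "2024-02-01"},
    "SlideHelper": {"dpa": True, "trains_on_inputs": True, "eu_residency": False,
                    "training_off_plan": False, "certs": [], "reviewed": "2025-10-10"},
}

# Scopes reaching mail, documents or calendar are the broad ones worth starting with.
BROAD_PREFIXES = ("mail.", "files.", "calendar.")

def broad_scope_count(scopes):
    return sum(s.startswith(BROAD_PREFIXES) for s in scopes)

def open_findings(rec):
    """Unfavourable answers among the five vetting questions for one register entry."""
    checks = [
        (not rec["dpa"], "no DPA"),
        (rec["trains_on_inputs"], "inputs used for training"),
        (not rec["eu_residency"], "data outside EU"),
        (not rec["training_off_plan"], "no plan that disables training"),
        (not rec["certs"], "no ISO 27001 / SOC 2"),
    ]
    return [label for failed, label in checks if failed]

def triage(grants, register, today_iso):
    """Never-reviewed apps (broadest access first) and approved apps reviewed over a year ago."""
    today = date.fromisoformat(today_iso)
    unvetted, stale = [], []
    for g in grants:
        rec = register.get(g["app"])
        if rec is None:
            unvetted.append((broad_scope_count(g["scopes"]), g["app"]))
        elif (today - date.fromisoformat(rec["reviewed"])).days > 365:
            stale.append(g["app"])
    unvetted.sort(key=lambda t: (-t[0], t[1]))
    return [app for _, app in unvetted], stale
```

Calling triage(GRANTS, REGISTER, "2026-03-01") returns NoteSummarizer and MeetingBot as never vetted and DocDraft as due for re-review; open_findings(REGISTER["SlideHelper"]) lists the four answers that would block approval.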

let's start with a conversation

Most first conversations start with not quite knowing what you have or where to begin. That's normal, and it's exactly where we're useful.

Tell us what prompted this. An upcoming audit, an incident, a client's security questionnaire, or just a sense that things have gotten messy.

We'll take it from there.

Julian Machowski
Head of Technical Sales
+48 783 762 997
julian@unshadowit.com