Enterprise AI procurement: questions before buying a platform
Buying an AI platform is not just a model choice. It is also a data choice, a security choice, a support choice and an exit choice.
A shiny demo can hide a lot of boring questions: who sees the data, where it is stored, how long it is kept, whether you can export it, how logs are handled, what happens if the vendor changes the model, and what your fallback is when the service is unavailable.
TL;DR
If you are buying an AI platform, do not start with features.
Start with the questions that decide whether you can safely use it: data retention, access control, audit logs, SSO, admin controls, support levels, model update policy, export options and how easily you can leave later. If the answers are weak, the product is not ready for serious procurement.
Questions to ask first
A good procurement review usually covers these areas:
Data and privacy
- What data is stored?
- Is customer data used for training?
- How long are prompts, outputs and logs retained?
- Can you opt out of training or analytics uses?
- Can you delete or export the data later?
Security and access
- Is SSO supported?
- Are roles and permissions granular enough?
- Are audit logs available?
- Can you limit access by team, project or workspace?
- What happens to logs and attachments?
Product and vendor behaviour
- Which model is actually used?
- Can the model be swapped without warning?
- Are there clear release notes or changelogs?
- Is the platform transparent about downtime and incidents?
- What support exists when things fail?
Exit and portability
- Can you export prompts, logs, evaluations and configuration?
- How much work would it take to switch vendors?
- Are you locked into proprietary workflows or data formats?
- What happens if pricing changes or a feature disappears?
If a platform cannot answer these cleanly, the procurement risk is already visible.
What teams often miss
The common mistakes are predictable:
- they compare feature checklists but ignore retention policy;
- they buy a pilot and forget the operational controls needed for scale;
- they assume “enterprise” means safe by default;
- they do not check export or exit options until it is too late;
- they ignore who can see logs, prompts and attachments;
- they treat vendor marketing as if it were a contract.
The right procurement question is not “does it do the demo thing?” It is “can we run this safely next year?”
Practical decision check
Before you buy, ask:
- Does the platform fit our data classification rules?
- Can we explain the retention and training policy to users and auditors?
- Is access control strong enough for our team structure?
- Can we monitor incidents and changes?
- Can we export the data if we leave?
- Is the vendor’s model/update policy acceptable?
- Do we have a fallback if the platform goes down or changes terms?
If the answer to any of those is weak, keep negotiating or keep looking.
What this page cannot tell you
This page cannot tell you whether a specific contract is legally safe.
It cannot tell you:
- whether your privacy notice is sufficient;
- whether your DPIA or security review is complete;
- whether a specific jurisdiction requires extra controls;
- whether the platform is a good fit for a regulated sector;
- whether the vendor’s public documentation matches the signed contract.
It can only help you avoid buying a problem you will later have to unwind.
Methodology
- Data checked: 2026-05-28
- Sources consulted: NIST AI Risk Management Framework, OWASP Top 10 for LLM Applications, provider data controls documentation (OpenAI, Anthropic, Google Cloud), and general AI risk guidance
- Assumptions: Vendor terms, pricing, and data handling practices change. Contract language may differ from public documentation. This guide assumes the reader has procurement authority or influence within their organisation.
- Limitations: This article provides operational procurement guidance, not legal or compliance advice. It does not cover sector-specific procurement requirements (healthcare, finance, defence). It does not benchmark specific vendors or platforms. Data residency and sovereignty requirements vary by jurisdiction and are not exhaustively covered.
- Jurisdiction: Global. The procurement questions are designed to be jurisdiction-agnostic. Organisations in regulated sectors or specific jurisdictions (EU, UK, US) should supplement with jurisdiction-specific compliance requirements.
Source list
- NIST AI Risk Management Framework — https://www.nist.gov/itl/ai-risk-management-framework (accessed 2026-05-28)
- OWASP Top 10 for LLM Applications — https://owasp.org/www-project-top-10-for-large-language-model-applications/ (accessed 2026-05-28)
- OpenAI data controls FAQ — https://help.openai.com/en/articles/7039943-data-controls-faq (accessed 2026-05-28)
- Anthropic privacy policy — https://www.anthropic.com/legal/privacy (accessed 2026-05-28)
- Google Cloud trust and security documentation — https://cloud.google.com/security (accessed 2026-05-28)
Trust Stack
- Last checked: 2026-05-28
- Corrections: Contact us to report errors
Change log
- 2026-05-28: Full editorial review against 16-gate checklist. Added third Editor’s Note aside card, standardised all Editor’s Notes to proper format with class, slugified all heading IDs, added Trust Stack section with corrections policy and affiliation declaration, corrected frontmatter writtenBy label, standardised Methodology and Source List formats with access dates, removed internal process language from Change Log.
- 2026-05-22: First published.