Third-Party Model Procurement DD Program
Pre-procurement DD on foundation models — training-data provenance, security review, model-card transparency, deployer-vs-provider classification. Needs GRC.
What is Third-Party Model Procurement DD Program?
Pre-procurement DD on foundation models — training-data provenance, security review, model-card transparency, deployer-vs-provider classification. Needs GRC. In CISO Game's investment catalog, Third-Party Model Procurement DD Program is an AI Security Standard item priced at $50k/yr.
What does Third-Party Model Procurement DD Program do for your security posture?
- Prevention: +10
- Detection: +4
- Awareness: +4
What team does Third-Party Model Procurement DD Program require?
To run this product at full effectiveness, your team needs 1 GRC role. Without the required role, the product runs at 30% effectiveness in CISO Game's posture model.
Which cybersecurity risks does Third-Party Model Procurement DD Program mitigate?
- R48 Third-Party Model Procurement DD Gap (AI)
- R28 AI Supply Chain Compromise (AI)
- R30 EU AI Act High-Risk Non-Conformity (AI)
Where does Third-Party Model Procurement DD Program fit in a CISO program?
AI security tooling addresses a fast-evolving threat surface: prompt injection, training-data poisoning, model theft, shadow AI usage, and the model supply chain. Categories include AI firewalls (LLM I/O classification + prompt filtering), AI Security Posture Management (AI-SPM), AI red-teaming services, model SBOM, and AI-output evaluation harnesses. Third-Party Model Procurement DD Program only makes sense when AI focus is enabled in the scenario; otherwise the AI-specific risks (R23–R28) aren't in your register and the spend doesn't earn its keep. Real-world AI security programs lean heavily on governance because the controls are still maturing faster than vendors can productize them.
How do you try Third-Party Model Procurement DD Program in CISO Game?
Play CISO Game free, head to the Investments tab, and you'll see Third-Party Model Procurement DD Program in the catalog. Confirming the purchase will show the projected risk movement before you commit. No signup required.