Understanding AI Assess Scores

Transparency Score

The transparency score (0-100%) measures how much security and governance information a vendor publicly discloses. It is calculated automatically from publicly available information.

  • 70% or above (Green) — Strong transparency. Key policies are publicly documented.
  • 40-69% (Yellow) — Moderate transparency. Some important disclosures are missing.
  • Below 40% (Red) — Limited transparency. Many critical items are undisclosed.

Three-Layer Assessment

AI Assess uses a three-layer approach to evaluate vendors:

  1. Direct (11 items) — Directly verified from public pages: training opt-out, data storage location, DPA availability, security contact, SLA, etc.
  2. Certification (3 items) — Detected certifications: SOC 2 Type II, ISO 27001, ISO 42001.
  3. Inferred (7 items) — Automatically satisfied when certifications are detected. For example, SOC 2/ISO 27001 implies encryption, access control, monitoring, incident response, and change management.

What the Score Does NOT Mean

  • It is not a security audit or penetration test result.
  • It does not guarantee regulatory compliance.
  • It does not replace your organization's own due diligence.

The score helps you quickly identify which vendors are transparent about their practices and where gaps may exist.

How Scores Are Updated

Scores are automatically recalculated when:

  • New evidence is discovered from the vendor's public pages.
  • A vendor submits additional evidence through the Vendor Portal.
  • Certification information is updated.