AI Advisor

The Problem

Every organization knows they need an AI strategy. Few have one that is documented, scored, and actioned. The enterprise AI vendor landscape spans hundreds of overlapping tools across capability categories including LLM APIs, observability, compliance, and governance — with pricing models that range from free tiers to $500,000/yr enterprise contracts. Meanwhile, employees adopt tools like ChatGPT, Claude, and Gemini ad-hoc, creating ungoverned shadow AI that generates compliance exposure under EU AI Act Article 9, GDPR Article 22, and NIST AI RMF MAP-1.

Where do you start? What do you actually need? What are you already paying for across OpenAI, Anthropic, Google, Microsoft Azure, and 40+ SaaS tools that overlap with TruthVouch’s 7-product platform?

The Solution

AI Advisor starts with a free 5-minute assessment — 25 questions across 5 AI readiness dimensions: Monitoring, Compliance, Governance, Transparency, and Operations. You receive an instant maturity score from 0–100, a prioritized gap analysis ranked by regulatory and business risk, and a recommended sequence of next steps tailored to your organization’s size, industry, and goals.

The vendor assessment hub scores every AI tool across six dimensions — Transparency, Compliance, Accuracy, Security, Bias & Fairness, and Data Governance — on a 0–100 scale. Three assessment depths are available: quick (~30 seconds for catalog vendors), standard (~5 minutes), and deep dive (~30 minutes for high-stakes procurement decisions). Each assessment produces a per-vendor PDF report with dimension scores, individual findings, evidence snippets, and confidence ratings. Dimension weights are fully configurable — your security team can weight Security at 40% while a compliance-heavy industry can weight Compliance higher. Shared base assessments for catalog vendors are cached and reused, keeping costs low while keeping scores fresh (cache refreshed every 7 days). Ongoing monitoring alerts you when a vendor’s score changes meaningfully. The spend dashboard reconciles your actual usage across OpenAI, Anthropic, Google, and Azure against your contract commitments, surfacing redundant spend and under-utilized licenses.

Vendor Assessment Questionnaires

How do you go beyond automated scoring for high-stakes vendor decisions? The Vendor Assessment Questionnaires feature lets your compliance team fill out structured due diligence questionnaires directly within AI Advisor, building a documented evidence record for each vendor relationship. Questionnaire responses are weighted into the vendor’s overall assessment score: questionnaire answers account for 40% of the total score, with the remaining 60% coming from the AI-driven analysis.

Built-In Questionnaire Templates

AI Advisor ships with 6 built-in questionnaire templates covering the most common vendor due diligence scenarios:

• GDPR Data Processor Assessment — covers DPA status, sub-processing arrangements, data subject rights, breach notification procedures, and international data transfers under GDPR Article 28
• EU AI Act High-Risk Supplier Assessment — covers conformity assessment, technical documentation, transparency obligations, human oversight provisions, accuracy, robustness, and post-market monitoring for vendors supplying systems listed in EU AI Act Annex III
• SOC 2 Vendor Security Review — validates security posture across the SOC 2 Trust Services Criteria: Security, Availability, Confidentiality, Processing Integrity, and Privacy
• HIPAA Business Associate Assessment — due diligence for vendors handling Protected Health Information (PHI) as Business Associates, covering BAA status and administrative, physical, and technical safeguards under 45 CFR Parts 164.308, 164.310, and 164.312
• ISO 42001 Supplier Evaluation — aligned to ISO/IEC 42001:2023 AI Management System Standard; covers AI policy, risk management, impact assessment, resource provisions, and continual improvement
• General AI Tool Assessment — baseline assessment for any AI tool using the NIST AI Risk Management Framework (AI RMF 1.0) core functions: GOVERN, MAP, MEASURE, MANAGE

Custom Templates and Evidence Attachments

Your team can create custom questionnaire templates with section branching — follow-up questions appear only when relevant answers are given — and jurisdiction tags to filter templates by the regulations applicable to a given vendor relationship. Individual questions can have evidence attachments: the assessor uploads a document (contract clause, audit report, certification) directly to the question it supports, keeping evidence co-located with the claim it substantiates.

Regulatory FAQ Bot

What is the Regulatory FAQ Bot? The Regulatory FAQ Bot is a RAG-powered chat interface built into AI Advisor. It answers regulatory knowledge questions and account-specific compliance questions from a single interface, drawing on two sources: a vector index of 40+ regulatory frameworks (articles, recitals, and guidance) and your live TruthVouch compliance data.

What types of questions can it answer?

Regulatory knowledge questions — questions about what the regulations say:

• “What does EU AI Act Article 14 require for human oversight?”
• “When is a DPIA required under GDPR Article 35?”
• “What is the difference between a high-risk AI system and a general-purpose AI model?”
• “What are the 72-hour notification obligations under GDPR Article 33?”

Account-specific questions — questions about your organisation’s posture:

• “Which of our AI systems have no Annex IV technical documentation?”
• “What is our current EU AI Act compliance score?”
• “Which incidents are unresolved and approaching their notification deadline?”
• “Which of our vendors have failed controls in the last 30 days?”

Citations and Conversation History

Every answer to a regulatory knowledge question includes source citations: the framework slug, article reference, and a similarity score showing how closely the retrieved chunk matched the question. Account-specific answers cite the underlying compliance data record. Conversation history is preserved within each session, enabling multi-turn follow-up questions without losing context.

Usage Limits by Plan

Plan	Questions per Month
Professional	200
Business	500
Enterprise	Unlimited

Why TruthVouch

An AI strategy platform designed to connect assessment to execution — from a free 5-minute assessment through to a 7-product AI trust platform covering AI-powered hallucination detection, compliance automation (50+ regulations including EU AI Act, ISO 42001, NIST AI RMF), brand intelligence (7 AI search engines monitored), and governance-as-code. Our blueprint studio generates implementation roadmaps you can actually follow — not generic advice, but step-by-step plans with specific budget projections, built around your specific maturity gaps and organizational constraints. Plans start at $349/mo (Starter) with annual discounts saving up to 15%.