# Security Questionnaire Template

Operational template only. Adapt it to your own agreements, reviewers, and counsel guidance.

## Copy-Paste Template

Workflow reviewed:
[Name the product feature, internal process, spreadsheet workflow, or customer-facing operation this answer covers.]

Vendors involved:
[List the model providers, hosting vendors, databases, support tools, analytics vendors, or other third parties tied to this workflow.]

Data scope:
[State the customer, user, support, employee, or operational data categories that may flow through the workflow.]

Current operating stance:
[State the current answer on retention, training, access, human review, approvals, or other buyer concern using your actual source of truth.]

Customer or contract scope:
[Clarify whether the answer applies broadly or only to a named plan, region, customer segment, contract type, or deployment path.]

Escalation or notice impact:
[State whether the answer is complete as written, still under review, or needs security, privacy, legal, procurement, or account-owner escalation.]

Proof links and owner:
[Link the docs, tracker rows, workbook, screenshots, packet notes, or policy source behind the answer and name the internal owner for follow-up.]

## Fill Before Sending

- Name the exact workflow under review instead of answering broadly.
- Keep the vendor chain and data categories attached to the answer.
- Point to the real source of truth for the operating stance.
- Clarify whether the answer applies to all customers or only a narrower segment.
- Leave the owner and any open escalation visible instead of hiding them in a side note.
