Vendor Model Update Disclosure and Re-Assessment Protocol
Require AI vendors to disclose material model updates, including capability changes, safety evaluation results, and model card revisions, and establish an internal re-assessment trigger process so that vendor model changes do not nullify the organization's prior due diligence.
Objective
Ensure the organization's AI vendor risk posture remains current when vendors release model updates that materially change capabilities, safety characteristics, or compliance properties, by establishing contractual disclosure requirements and a documented re-assessment workflow.
Maturity Levels
Initial
The organization is not systematically informed when vendors release model updates. Risk assessments are conducted at procurement and not revisited unless an incident occurs.
Developing
The organization monitors vendor announcements informally. Some re-assessment occurs for major version changes but there is no defined trigger or process.
Defined
Vendor contracts include a clause requiring disclosure of material model updates, defined as changes that affect capability scope, safety evaluation results, or the terms of the model card. An internal re-assessment protocol defines what triggers a formal review and who conducts it.
Managed
The re-assessment protocol is operationalized: disclosure notifications are tracked in the vendor risk register and triaged within a defined window. Re-assessment findings are documented and any required control adjustments are tracked to completion.
Optimizing
Re-assessment results feed into the enterprise AI risk register and inform the annual vendor scorecard. The organization participates in vendor beta programs to assess upcoming model changes before they affect production deployments.
Evidence Requirements
What an auditor or assessor would expect to see for this control.
- Vendor contracts containing a model update disclosure clause with defined materiality triggers and notice periods.
- Re-assessment protocol document defining triage criteria, assessment types, and responsible owners.
- Disclosure log tracking all model update notifications received, triage decisions, and re-assessment outcomes for the past 12 months.
- Evidence of control adjustments made in response to re-assessments where new risks were identified.
Implementation Notes
Why model updates require a distinct control
Existing vendor due diligence (PRC-001) and third-party model evaluation (PRC-003) are point-in-time assessments conducted at procurement. They assume the model being deployed is the model that was assessed. That assumption breaks when vendors silently update underlying models, retrain on new data, adjust safety filters, or release new versions that replace the assessed model without equivalent notice.
The risk is not theoretical. In 2024 and 2025, several major model providers updated production models in ways that materially changed capability and safety profiles, sometimes without explicit changelog entries or model card revisions. Organizations that had conducted prior assessments and built governance programs around assessed model behavior discovered their programs were governing a model they had never evaluated.
Defining "material update"
Vendor contracts should define materiality clearly. Suggested triggers for re-assessment disclosure:
- New major or minor version released that replaces a production model the organization uses.
- Safety evaluation results updated (change in red-team findings, CBRN capability assessment, or bias evaluation).
- Model card revised to reflect changes in training data, capability scope, or intended use.
- Underlying base model changed (e.g., vendor's API product moves from one base model to another).
- Input or output modalities added or removed.
- System prompt behavior or tool-use behavior changed in a way not controlled by the API caller.
Purely operational changes (latency improvements, cost reductions, bug fixes without capability effect) should be explicitly carved out to avoid assessment fatigue.
Re-assessment protocol structure
When a disclosure is received:
- Triage (within 5 business days): The AI risk team reviews the disclosure and classifies the update as: no re-assessment required, lightweight re-assessment (desk review of changed parameters), or full re-assessment (new evaluation cycle).
- Lightweight re-assessment: Review the updated model card, safety evaluation summary, and any published changelog. Confirm that the organization's existing controls remain valid given the described changes. Document findings and close.
- Full re-assessment: Repeat relevant portions of the original third-party model evaluation (PRC-003) for the updated model version. This is required when the change affects capabilities the organization relies on for safety or compliance purposes.
- Control adjustment: If re-assessment identifies new risks, update controls, usage policies, or deployment configurations accordingly before the updated model version goes live in the organization's environment.
Contractual requirements
The following should appear in AI vendor agreements:
- Vendor will provide written notice of material model updates no less than [30/60/90] days before the update affects the production environment accessible to the organization.
- Notice will include: version identifier, summary of changes, updated model card (or diff from previous version), summary of safety evaluation results for the updated model.
- Vendor will not retire an assessed model version from production without providing sufficient notice for the organization to complete re-assessment of the replacement version.
- Vendor will maintain a changelog accessible to enterprise customers documenting all model version changes.
Example Implementation
Model Update Disclosure Triage Log (excerpt)
| Date received | Vendor | Model version | Change description | Triage decision | Rationale | Re-assessment owner | Closed date |
|---|---|---|---|---|---|---|---|
| 2026-03-10 | Anthropic | Claude 3.8 Sonnet | Improved coding performance; safety evals unchanged; model card revised to add coding benchmark results | No re-assessment | Safety profile unchanged; no new capabilities in scope | AI Risk Team | 2026-03-15 |
| 2026-04-22 | OpenAI | GPT-5.5 | Extended context window (200k); new document analysis capability; updated red-team results | Lightweight re-assessment | New capability (large doc analysis) within scope of existing deployment | J. Reyes | 2026-05-06 |
| 2026-05-30 | MidVendor | MV-Legal v3 | Base model changed from GPT-4o to internal model; model card replaced; safety evals not yet published | Full re-assessment | Base model change without published safety evals; legal use case requires full eval | External assessor | In progress |
Model Update Disclosure Clause (contract language): Vendor shall provide Customer written notice no less than forty-five (45) days prior to any Material Model Update affecting Customer's production environment. "Material Model Update" means any change to: (a) model version or base model; (b) safety evaluation findings; (c) model card capability scope; or (d) system-level safety controls affecting model output. Notice shall include a version changelog, updated model card or diff, and summary of current safety evaluation results.
