Tag: vendor-management

Mar 19, 2026 · Amit Kothari · Operations
SOC 2 vendor management when you cannot get their SOC 2 report
Not every vendor will hand over their SOC 2 report. Some gate it behind enterprise tiers, some do not have one, and some just ignore the request. Your auditor still expects you to manage vendor risk. Here is the workaround that actually satisfies the CC9.2 criteria.
compliancesoc2vendor-managementthird-party
Nov 4, 2025 · Amit Kothari · AI
AI contract negotiation - why flexibility beats price
The cheapest AI contract often becomes the most expensive when business needs change. How flexible terms around usage scaling, data portability, and exit rights protect mid-size companies from vendor lock-in. Practical negotiation strategies for contracts that adapt to unpredictable AI adoption patterns without enterprise use.
aicontract-negotiationvendor-managementpricing