Procurement workflow surface
Executive Order 14110 on Safe, Secure, Trustworthy AI — vendor disclosure form
This is a sample disclosure form a procurement team can adapt for vendor RFPs and ITTs evaluating systems against Executive Order 14110 on Safe, Secure, Trustworthy AI. The provision-specific questions below were derived from the catalog's coverage cells; before issuing, a qualified procurement lawyer should review the adapted version against your jurisdiction's contract law. This form is NOT legal advice (see charter §7.4).
1. Vendor identification
2. AI system identification
3. Provision-specific questions
- Foundation Models / GPAI. Does the offered system meet the threshold for a general-purpose / foundation model under Executive Order 14110 on Safe, Secure, Trustworthy AI (§4.2(a) — Defense Production Act reporting)? If yes, identify the specific obligations you will satisfy and the evidence you will provide.
(Cite: §4.2(a) — Defense Production Act reporting)
- Deepfakes / Synthetic Content. Does the offered system generate or substantially modify audio / video / image / text in ways requiring disclosure or machine-readable provenance under Executive Order 14110 on Safe, Secure, Trustworthy AI (§4.5 (content authentication, watermarking) — rescinded 20 Jan 2025 by EO 14148; successor EO 14179 is silent on deepfakes, leaving only NIST provenance artifacts)? Describe the disclosure + provenance mechanisms implemented and their robustness against removal.
(Cite: §4.5 (content authentication, watermarking) — rescinded 20 Jan 2025 by EO 14148; successor EO 14179 is silent on deepfakes, leaving only NIST provenance artifacts)
- AI in Criminal Justice. Will the offered system be used in law-enforcement, predictive-policing, risk-assessment, or sentencing-support contexts within scope of Executive Order 14110 on Safe, Secure, Trustworthy AI (§7.1(b) (DOJ AI use review))? Provide jurisdictional authorisation evidence + impact-assessment outputs.
(Cite: §7.1(b) (DOJ AI use review))
- Compute-Threshold Reporting. Does the offered system meet the compute / training-cost reporting thresholds named in Executive Order 14110 on Safe, Secure, Trustworthy AI (§4.2(a)(i) — 10²⁶ FLOP threshold)? If yes, attach the most recent submitted report (redacted as needed) or confirm submission status.
(Cite: §4.2(a)(i) — 10²⁶ FLOP threshold)
- Sovereign AI Doctrine. Describe the offered system's compliance posture relative to the Executive Order 14110 on Safe, Secure, Trustworthy AI provisions identified at: §4.2 (Commerce reporting on dual-use models + large compute clusters; IaaS rules).
(Cite: §4.2 (Commerce reporting on dual-use models + large compute clusters; IaaS rules))
- Catastrophic & Existential Risk. Has the offered system been evaluated against catastrophic-risk thresholds (e.g., CBRN information uplift, autonomous replication) consistent with Executive Order 14110 on Safe, Secure, Trustworthy AI (§4.2(a)(ii) — CBRN + autonomous replication explicitly named)? Provide the evaluation report or its public-disclosure equivalent.
(Cite: §4.2(a)(ii) — CBRN + autonomous replication explicitly named)
- Technological Sovereignty. Describe the offered system's compliance posture relative to the Executive Order 14110 on Safe, Secure, Trustworthy AI provisions identified at: §5.3(b) + CHIPS Act overlap (BIS export controls, domestic compute).
(Cite: §5.3(b) + CHIPS Act overlap (BIS export controls, domestic compute))
- Synthetic Content Provenance. Does the offered system generate or substantially modify audio / video / image / text in ways requiring disclosure or machine-readable provenance under Executive Order 14110 on Safe, Secure, Trustworthy AI (§4.5(a) — content authentication + watermarking standards via NIST + Commerce)? Describe the disclosure + provenance mechanisms implemented and their robustness against removal.
(Cite: §4.5(a) — content authentication + watermarking standards via NIST + Commerce)
- National Security Carveouts in AI Regulation. Identify whether any component of the offered system or its use case falls within the national-security carveouts of Executive Order 14110 on Safe, Secure, Trustworthy AI (§11 national-security exemption; NSM-10 parallel-track governance for national-security AI) and the resulting compliance posture.
(Cite: §11 national-security exemption; NSM-10 parallel-track governance for national-security AI)
4. Documentation enclosures expected
Tick each enclosure attached to the vendor response. Missing enclosures should be explained in the “Variances” field below.
- Copies of submitted regulatory reports / registrations
- Content provenance + watermarking technical description
- Most-recent red-team / adversarial-evaluation report
- Vendor company registration + insurance certificates
- Sub-processor / supply-chain list (including model upstream)
5. Vendor attestation
The undersigned, on behalf of the vendor, attests that the disclosures above are true and complete to the best of their knowledge at the date signed, and undertakes to notify the buyer in writing within 30 days of any material change to those disclosures.
This is a sample form derived from the catalog at /wiki/us-eo-14110. Adapt before issuing. Not legal advice; not jurisdiction-specific. See charter §7.4.