Procurement checklist

Use this checklist to move from completed pilot to approved procurement with minimal back-and-forth.

Intent

This page is a Definition of Done for Security / Legal / IT / Finance. It links only to canonical pages in this docs site.

When to use this

  • You have run a pilot (or a time-boxed evaluation) and now want to procure a commercial evaluation or production license.
  • You want a shareable list of required artifacts and review steps.

Checklist (Definition of Done)

1) Evaluation evidence (product + analytics)

  • We can show a non-empty recommendation response (one surface).
  • We have exposures and outcomes joined by a stable request_id.
  • We produced at least one evaluation report comparing baseline vs candidate.
  • We recorded a written ship/hold/rollback decision with links to the artifacts.

Links:

2) Security and privacy review

  • We reviewed what data is logged/stored, retention expectations, and access control boundaries.
  • We reviewed operational hardening expectations (auth, tenancy, auditability).

Links:

3) Operational fit (SRE / on-call)

  • We reviewed known limitations and confirmed they fit our current stage.
  • We reviewed rollback and failure-mode runbooks.
  • We have a minimal production readiness plan (even if we start with a pilot deployment).

Links:

4) Licensing and purchasing decision

  • We chose AGPL vs commercial path and documented why.
  • We chose plan scope (tenants, deployments) and support expectations.
  • For self-serve plans, we use published legal/security defaults; for Enterprise, negotiated terms are captured in the Order Form.

Links:

What to send in one email (suggested bundle)

Copy/paste this into your procurement thread:

  • Pilot summary (surface, KPI, window)
  • Links to:
  • evaluation report
  • evidence kit / logs sample
  • security pack
  • known limitations
  • selected plan and scope
  • order form draft

If you want a ready-made internal bundle format, start from the template in: