Manage Documents and Security Questionnaires
Learn how to manage AI system documents, requests, and security questionnaires in Sprinto using uploads, document requests, and questionnaire workflows.
The AI Systems module in Sprinto includes document and questionnaire management workflows that help organisations maintain governance evidence and conduct AI-related security reviews.
You can:
Upload governance documents and links
Request documents from vendors
Track request submissions
Create security questionnaires
Upload questionnaire templates
Fill and submit questionnaires
Maintain audit-ready evidence
These workflows help organisations centralise AI governance documentation and vendor assessment activities.
Navigate to Documents and Questionnaires
To access AI system documents and questionnaires:
Log in to the Sprinto dashboard.
Navigate to Data Library.
Select AI Systems.
Open an AI system from the All AI Systems tab.
Select the Documents & links tab.
The Documents & links tab contains:
Documents
Requests
Documents Tab
The Documents tab displays all documents and evidence associated with the AI system.
This includes:
Uploaded documents
Submitted documents
Governance evidence
Compliance artefacts
Linked URLs
The table also displays:
Document status
Expiry dates
Sources
Request details
Added by information
Request Documents from Vendors
Sprinto allows organisations to request documents directly from AI vendors.
Start a Document Request
To request documents:
Navigate to the Documents & links tab.
Click Request.
Select the required documents.
Configure the request details.
Click Preview & send request.
Sprinto sends the request after confirmation.
Configure Requested Documents
You can configure:
Required documents
Optional documents
Custom questionnaires
Notification recipients
Email templates
Examples of supported documents include:
SOC 2 reports
ISO 27001 certifications
GDPR agreements
HIPAA agreements
Security whitepapers
PCI DSS reports
Configure Request Emails
Sprinto supports configurable request emails.
You can configure:
Recipients
CC recipients
Submission notifications
Email subject
Email header
Email body
You can also configure whether selected documents are displayed inside the email.
Preview and Send Requests
Before sending the request:
Click Preview & send request.
Review the generated email.
Click Send request.
Sprinto sends the document request to the vendor.
Requests Tab
The Requests tab displays all document requests associated with the AI system.
The table includes:
Request name
Request status
Submission details
Requested by information
Reminder tracking
This helps organisations track the lifecycle of document requests and submissions.
Upload Documents and Links
Sprinto supports manual uploads for governance evidence.
Add Documents or Links
To upload documents:
Navigate to the Documents tab.
Click Add.
Select Add document or link.
Upload the required files or add URLs.
Click Save.
The uploaded evidence is stored within the AI system record.
Supported Upload Types
Sprinto supports:
File uploads
URL-based evidence
Multiple uploads
Supported formats may include:
PDF
DOC/DOCX
XLS/XLSX
CSV
PPT/PPTX
ZIP
PNG
JPG
JSON
MSG
Add Multiple Documents
To upload additional evidence:
Click Add another document/link.
Repeat the upload process.
This helps organisations centralise all governance evidence for the AI system.
Security Questionnaires
Sprinto supports reusable AI security questionnaires for vendor and AI system assessments.
Questionnaires help organisations:
Standardise vendor assessments
Collect governance responses
Maintain audit-ready records
Evaluate AI security posture
Fill a Questionnaire
To complete a questionnaire:
Navigate to the Documents & links tab.
Click Add.
Select Fill questionnaire.
Choose the required questionnaire.
Complete the questionnaire.
Click Finish.
Sprinto saves the questionnaire submission within the AI system record.
Questionnaire Features
The questionnaire workflow supports:
Progress tracking
Search
Filters
Attachments
Additional comments
Draft saving
This helps teams complete large assessments efficiently.
Submit Questionnaire Responses
After completing all mandatory questions:
Click Finish.
Review the confirmation message.
Click Submit.
Sprinto finalises the questionnaire response.
After submission:
Responses become read-only
Submission history is maintained
Evidence remains linked to the AI system
Create a Custom Questionnaire
Sprinto supports CSV-based questionnaire creation.
Add a Questionnaire
To create a questionnaire:
Navigate to the Questionnaire tab inside AI Systems.
Click Create custom questionnaire.
Download the CSV template.
Populate the questionnaire.
Upload the CSV file.
Additional configuration options appear after the upload.
Configure Questionnaire Metadata
After uploading the questionnaire:
Configure the questionnaire details.
Click Preview & add questionnaire.
You can configure:
Questionnaire name
Recommended frameworks
Recommended vendor risk levels
Recommended vendor categories
The recommendation fields support multiple selections.
Preview Questionnaires
Sprinto validates uploaded questionnaires before publishing.
The preview includes:
Question IDs
Domains
Questions
Descriptions
Mandatory status
Question types
This helps organisations review the questionnaire structure before publishing.
Publish a Questionnaire
After validating the questionnaire:
Click Add questionnaire.
The questionnaire becomes available for:
AI vendor assessments
Document request workflows
Due diligence reviews
Questionnaire Recommendations
Questionnaires can be recommended based on:
Compliance frameworks
Vendor risk levels
Vendor categories
This helps organisations standardise governance workflows across different AI systems.
AI Governance Best Practices
When managing AI governance evidence:
Maintain updated compliance documents
Use standardised questionnaires
Periodically review uploaded evidence
Configure document expiry tracking
Centralise governance artefacts
Reuse questionnaires across vendors
Track request completion regularly
Related Information
Last updated