Three questions every CIO should ask a sovereign AI vendor

Every CIO we speak to has been pitched AI this week. Some of the pitches are thoughtful. Most are not. The difference, in our experience, shows up in three questions that take less than sixty seconds each to ask.

We put them here in the order we think they matter — not the order most vendors would prefer.

1. "Where does my data sit, and who can touch it?"

The correct answer is one sentence. Not a diagram, not a compliance marketing page, not a pointer to a SOC 2 report. One sentence.

If the vendor hesitates, reaches for documents, or answers by opening a region dropdown, the underlying architecture does not treat sovereignty as an invariant. It treats it as a configuration — and configurations leak.

The answer you want sounds like this: your data sits in the jurisdiction you chose, is isolated per organization by architecture, and is never accessible to anyone — including the vendor — outside that boundary.

If that sentence cannot be spoken without qualifications, you are buying a compliance veneer, not a sovereign platform.

2. "What changes for my team on day 60 that was not true on day 1?"

The wrong vendor answers with a feature roadmap. The right vendor answers with a change in behavior.

Day 1, your team has an Agent. Day 60, your team has a habit. What habit? Departments who opened a demo once become departments who start each week with a query. Knowledge becomes reusable because it is discoverable — not buried in a chat thread from last quarter. Cross-department conversations start earlier because the Agent is the first participant, not the last.

A vendor that cannot describe your team's day 60 in concrete terms is selling software, not a platform. Given what you are paying, the distinction matters.

3. "What would you refuse to build, even if we paid you for it?"

This is the question most vendors have never been asked. It is also the question that reveals whether you are buying a product with convictions, or a product with a price list.

A vendor who will build anything will eventually build something that hurts you. The vendor you want has refusals — things they will not do, even under pressure, even for money.

For us, those refusals include training a shared model on firm data, and routing documents outside the jurisdiction the customer chose — for any reason, including availability or cost.

You do not have to agree with every refusal. You do need to know the list exists. A platform without refusals is a platform without a plan — and you will end up being the plan.

Why these three questions

They are not the questions vendors coach their sales teams for. They are the questions that reveal whether the product in front of you was designed by people who understand what they are selling.

A sovereign AI platform that cannot answer these three in a minute each is not a sovereign AI platform. It is a platform with a sovereignty page.

Ask the questions. The best evaluation any CIO can run starts by asking all three in the first meeting and measuring how quickly the answers come. A vendor worth buying from will answer without pausing. A vendor not worth buying from will send a follow-up email the next week.