aisecurity.llc
AI SECURITY ENGINEERING
Los Angeles, CA · Athens, GR
hello@aisecurity.llc
Legal Agreement · Negotiation Draft
Statement of Work Template
Mission-specific scope, deliverables, timeline, access, assumptions, and acceptance criteria for scoped AI security engagements.
aisecurity.llc Engagement Document · Negotiation Draft
Required caveat: This template is provided for transparency and scoping. It is not legal advice and does not replace a final reviewed and signed agreement. All bracketed placeholders must be completed before execution.
1. Engagement Summary
| Field | Value |
|---|---|
| Client | [CLIENT_ENTITY_NAME] |
| Provider | aisecurity.llc |
| Engagement Name | [ENGAGEMENT_TITLE] |
| Effective Date | [EFFECTIVE_DATE] |
| Related Agreement | [MSA_REFERENCE or "$0 Retainer" or "Standalone"] |
| Client Primary Contact | [NAME · TITLE · EMAIL] |
| Provider Primary Contact | David Wolf · hello@davidwolf.org |
2. Objectives
Example:
Assess the security and governance posture of an AI-enabled product feature and produce evidence-backed findings, risk notes, and remediation recommendations that the engineering and product teams can act on.
Replace with engagement-specific objectives.
3. Scope
In Scope
- Systems and features: [LIST AI SYSTEMS, FEATURES, APIS, ENDPOINTS IN SCOPE]
- Documents and artifacts: [ARCHITECTURE DIAGRAMS, POLICIES, DATA FLOWS, PRIOR REPORTS]
- Interviews and workshops: [NAMES OR ROLES OF PARTICIPANTS]
- Testing environments: [STAGING, DEV, LIMITED PROD — DESCRIBE]
- Data access: [DESCRIBE WHAT DATA MAY BE ACCESSED AND UNDER WHAT CONTROLS]
Testing Boundaries
- [DEFINE AUTHORIZED TESTING SCOPE: e.g., static analysis, dynamic testing, prompt injection, RAG abuse, etc.]
- [NOTE ANY ENVIRONMENT RESTRICTIONS: e.g., no production exploitation unless explicitly authorized in a signed ROE addendum]
4. Out of Scope
The following are explicitly out of scope unless separately agreed in writing:
- Production system exploitation unless authorized in a signed Rules of Engagement addendum
- Social engineering of personnel unless explicitly authorized
- Legal certification, formal audit opinion, or compliance guarantee
- Compliance certification of any kind
- Remediation implementation unless included as a separate deliverable
- Continuous monitoring unless included as a separate engagement
- Systems, features, or environments not listed in Section 3
5. Client Responsibilities
Client agrees to:
- Provide accurate and complete information relevant to the engagement
- Identify a named system owner and technical point of contact
- Provide access credentials, architecture materials, and testing environments as agreed
- Confirm scope and testing authorization in writing before testing begins
- Review any safety constraints and notify Provider of any off-limits systems or data
- Respond to reasonable questions within [X BUSINESS DAYS]
- Review draft deliverables and submit factual corrections within [X BUSINESS DAYS] of receipt
6. Deliverables
Select applicable deliverables. Final list is confirmed at kickoff.
- Executive summary
- Technical findings report
- AI risk register
- Threat model
- Evidence map
- Remediation backlog
- Public scorecard draft
- Red-team report
- Detection engineering recommendations
- Governance roadmap
- Readout session (live or recorded)
- Other: [DESCRIBE]
Deliverable format: [MARKDOWN / PDF / SLIDE DECK — SPECIFY]
7. Timeline
| Milestone | Target Date |
|---|---|
| Kickoff call | [DATE] |
| Evidence collection complete | [DATE] |
| Analysis and testing window | [DATE RANGE] |
| Draft deliverables to client | [DATE] |
| Client review period | [X BUSINESS DAYS] |
| Final delivery | [DATE] |
| Readout session | [DATE or TBD] |
Timeline assumes timely access and materials per Section 5. Material delays caused by Client may require timeline adjustment.
8. Fees and Payment
| Field | Value |
|---|---|
| Fee structure | [FIXED FEE / TIME & MATERIALS / RETAINER] |
| Total fee or rate | [AMOUNT or RATE] |
| Deposit | [AMOUNT or "None"] |
| Invoice schedule | [ON KICKOFF / ON DELIVERY / NET 30 / OTHER] |
| Expenses | [INCLUDED / BILLED AT COST / NOT APPLICABLE] |
| Late payment | [PLACEHOLDER — INCLUDE APPLICABLE TERMS] |
9. Access and Data Handling
- Provider will request only the minimum access necessary to perform the engagement.
- Provider will not retain sensitive client data beyond the engagement period without written authorization.
- Any evidence, logs, or screenshots collected during testing will be handled securely and redacted as needed for reports.
- Provider will not use client data to train models, publish case studies, or disclose client information without prior written consent.
- Secure transfer methods will be used for all material exchanges.
- Evidence will be deleted or returned per the agreed retention schedule unless otherwise specified.
- Use of third-party AI tools in the delivery of work will be disclosed on request.
10. Assumptions and Dependencies
This SOW assumes:
- Client will provide timely access, materials, and responses as described in Section 5.
- The test environment is stable and representative of the production system where indicated.
- Documentation provided by Client is substantially complete and accurate.
- A named stakeholder is available for kickoff and review sessions.
- No material changes to scope occur without written change control per Section 12.
If assumptions prove incorrect, Provider may adjust timeline or fees with written notice.
11. Acceptance Criteria
Deliverables are accepted when the agreed reports, backlogs, scorecards, or readout materials are delivered substantially in accordance with this SOW and the client has had a reasonable opportunity to review and submit factual corrections.
12. Change Control
Material changes to scope, timeline, access requirements, or deliverables require a written amendment signed by both parties before work proceeds. Minor clarifications may be handled via email between named contacts.
13. Caveats
The following caveats apply to all engagements:
- This assessment is time-bound. Findings are based on available evidence at the time of the engagement.
- No assessment guarantees exhaustive vulnerability discovery. New vulnerabilities may exist that were not identified.
- Public scorecards and trust-center artifacts describe publicly observable information and do not prove internal controls or operational maturity.
- No certification or compliance guarantee is provided unless explicitly stated and separately agreed.
- Findings should be reviewed and validated by the Client before acting on remediation priorities.
- Provider may use anonymized, aggregated insights from the engagement methodology for research purposes unless Client opts out in writing.
14. Signatures
By signing, both parties agree to the terms of this Statement of Work and any referenced agreements.
Client:
Signature: ______________________________
Name: ______________________________
Title: ______________________________
Date: ______________________________
Provider (aisecurity.llc):
Signature: ______________________________
Name: David Wolf
Title: Principal
Date: ______________________________
These materials are provided for transparency and scoping. They are not legal advice and do not replace a final signed agreement. Consult qualified legal counsel before execution.