A managed AI evaluation RFP should do more than request reviewers, hourly rates, and capacity. It should tell suppliers which decision the evaluation supports, which technical judgments matter, what evidence must be produced, how confidential materials will be handled, and how the buyer will determine whether a pilot is good enough to expand.

Weak RFPs reward confident staffing claims and low unit prices. Strong RFPs expose whether a supplier can inspect task quality, match technical experts, calibrate decisions, adjudicate ambiguity, protect data, and operate a review system that remains visible as models, rubrics, and workload change.

Preparing a technical evaluation program? Datrick can review one task family, contributor profile, rubric, security boundary, quality process, and pilot decision before responding with fit or qualifying questions.

Begin with the decision and problem statement

State whether the program will compare models, improve training data, qualify a release, evaluate an agent, build a benchmark, calibrate an automated grader, or provide recurring human review. Name the accountable decision owner and the consequence of a false pass or false failure. Suppliers need this context to propose an appropriate combination of executable, model-based, and human evaluation.

Describe the use case rather than prescribing every implementation detail. The UK government's AI procurement guidance recommends clear problem statements, output-based requirements, data assessment, multidisciplinary evaluation, ongoing lifecycle management, and risk allocation to the parties able to manage it. Those principles translate directly to managed evaluation procurement.

Define the technical work packages

List the task families and distinguish work that may require different specialists. Coding, SQL, data analysis, mathematics, legal reasoning, support workflows, safety review, and general preference ranking are not interchangeable queues. For each family, provide representative examples, expected reasoning depth, tools, languages, systems, output format, known ambiguity, current volume, and likely change.

RFP sectionInformation the buyer should provideSupplier response required
Decision and use caseProduct, model, agent, training, release, research, or procurement decision and failure consequence.Proposed evaluation method, limitations, dependencies, and decision evidence.
Task familiesDomains, tools, languages, complexity, examples, context, output types, and expected changes.Relevant reviewer profiles, matching method, coverage gaps, and substitution rules.
Task assetsInstructions, rubrics, reference answers, tests, datasets, repositories, and current quality concerns.Inspection method, version control, defect escalation, and improvement ownership.
Volume and timingBaseline, forecast range, burst pattern, priority classes, time zones, and decision dates.Named management capacity, ramp assumptions, scheduling, and constraint disclosure.
ToolingRequired platform, APIs, repositories, execution environments, reporting, and integration constraints.Operating model, supported evidence, access needs, failure handling, and technical dependencies.
AcceptancePilot decision, quality evidence, review process, exclusions, and authorized approvers.Pilot plan, outputs, measurement method, risks, and expand, revise, or stop criteria.

Require evidence of domain expertise, not only credentials

Ask how the supplier determines whether a reviewer can perform the actual task. Require role profiles, practical qualification samples, calibration method, supervision, substitution controls, and escalation access to senior experts. Specify identity, location, employment or subcontractor status, language, and availability requirements only where they are relevant and lawful.

For technical work, a polished resume is not sufficient. A coding reviewer may need to inspect repositories, run tests, reason about security, and distinguish an alternative valid patch from a hidden-test mismatch. A SQL reviewer may need to identify join-grain errors, business-definition conflicts, or permission risk even when a query executes.

Make task and rubric quality part of the service

State whether the supplier will only execute existing instructions or also inspect tasks, references, rubrics, graders, examples, and edge cases. Require a route for reporting underspecified prompts, contradictory reference answers, narrow tests, missing context, and multiple valid interpretations. Do not penalize suppliers for surfacing defects the program needs to fix.

Ask who owns changes to the rubric, who approves them, how versions are recorded, and whether historical results remain comparable. Define how buyer feedback becomes contributor guidance and how changed instructions are propagated to active work.

Specify calibration, review, and adjudication

The response should explain how reviewers are onboarded, how independent calibration is run, how disagreement is classified, who adjudicates, and what happens when the buyer itself has not established a trusted answer. Require examples of the records produced by calibration and quality review, with confidential details removed.

Quality controlQuestion for suppliersEvidence expected
QualificationHow do you test practical domain fit before queue access?Representative assessment design, acceptance authority, and remediation path.
CalibrationHow do reviewers develop a shared interpretation before volume?Independent sample, comparison, disagreement classes, adjudication, and revised guidance.
ReviewWhich outputs receive second review, sampling, or targeted review?Risk-based review plan, selection rules, reviewer independence, and findings.
AdjudicationWho decides ambiguous or disputed cases?Escalation levels, response ownership, decision record, and turnaround treatment.
FeedbackHow do corrections reach contributors and task owners?Feedback loop, instruction versions, retraining trigger, and recurring error tracking.
AuditCan the buyer reconstruct why an output was accepted?Task, rubric, reviewer, evidence, decision, version, and change traceability.

Choose metrics after the baseline

Ask suppliers to propose metrics and explain what each one can and cannot prove. Relevant measures may include acceptance, rework, reviewer disagreement, adjudication, class-level error, severity-weighted error, rubric ambiguity, escalation, turnaround distribution, queue age, calibration drift, and audit findings. Throughput without quality and task complexity context is not a useful success measure.

Define numerator, denominator, exclusions, sampling, measurement owner, reporting cadence, and change control. Avoid inserting an arbitrary agreement or acceptance target before task inspection. The RFP can require a baseline period and an evidence-based target proposal after the pilot.

Describe data, security, and permitted use

Classify prompts, outputs, reference answers, repositories, datasets, logs, screenshots, credentials, customer information, and benchmark tasks. State approved countries, devices, networks, storage, tools, model providers, subcontractors, and communication routes. Require identity verification, least privilege, access approval, logging, incident response, retention, deletion, offboarding, and evidence of removal.

Ask whether materials may be used for supplier training, model training, service improvement, portfolio examples, or any purpose outside delivery. The default should not be assumed. NIST's Generative AI Profile recommends due diligence for AI acquisition and supplier assessments that includes privacy, security, intellectual property, third-party risk, ongoing monitoring, and value-chain concerns.

Make commercial assumptions comparable

Require suppliers to separate contributor execution, technical review, program management, calibration, adjudication, tooling, security onboarding, reporting, rework, and surge capacity. State whether pricing should be hourly, per accepted unit, per workstream, per managed pod, fixed pilot, or a hybrid. Ask what happens when task complexity or quality requirements change.

Lowest unit price can hide omitted management and quality work. Conversely, a managed fee is not justified unless the response names the operating responsibility and evidence it buys. Require minimum commitments, ramp time, cancellation, unused capacity, overtime, currency, taxes, expenses, rate changes, and payment assumptions.

Use a paid representative pilot

A pilot should test one real task family, not a supplier-created showcase. Provide the same bounded materials and decision criteria to shortlisted vendors where procurement rules allow. Include task inspection, contributor qualification, independent calibration, managed delivery, review, adjudication, reporting, security execution, and a written retrospective.

Judge the pilot on task insight, decision quality, evidence, communication, issue escalation, repeatability, and fit with the operating environment. A supplier that identifies a broken rubric may create more value than one that follows it quickly and produces a misleading acceptance rate.

Score the operating system, not the sales presentation

CategorySuggested emphasisWhat strong evidence looks like
Domain and task fitHighRelevant practical reviewers, explicit coverage gaps, and representative qualification.
Evaluation methodHighAppropriate grader mix, task inspection, limitations, and decision-linked evidence.
Quality operationsHighIndependent calibration, risk-based review, adjudication, feedback, and traceability.
Security and governanceHighSpecific controls for the proposed materials, people, tools, access, and lifecycle.
Delivery managementMedium-HighNamed ownership, realistic capacity, issue handling, reporting, and change control.
Commercial fitMediumComparable assumptions, visible management cost, flexible pilot, and no hidden dependencies.
References and evidenceMediumVerifiable relevant work with confidentiality boundaries and no invented performance claims.

Proposal red flags

  • Guaranteed acceptance, agreement, or turnaround before inspecting the task and baseline.
  • Generic reviewer pools presented as sufficient for coding, SQL, data, or other specialist work.
  • No independent calibration, adjudication, task-defect route, or authorized quality owner.
  • Unclear data reuse, model-provider use, subcontracting, access, retention, or deletion.
  • A quality dashboard with metrics that cannot be reconstructed from task-level evidence.
  • Pricing that excludes review, rework, management, security onboarding, or changing task complexity.
  • Refusal to disclose limitations, capacity constraints, domain gaps, or conditions that would stop delivery.

Frequently asked questions

What should an AI model evaluation RFP include?

Include the business and technical decision, task families, model and system context, domain expertise, data and access rules, evaluation methods, rubric and reference-answer ownership, calibration, quality assurance, adjudication, metrics, security, deliverables, pilot acceptance, capacity assumptions, pricing, intellectual property, support, and exit requirements.

How should buyers compare managed AI evaluation vendors?

Score vendors against demonstrated domain fit, task-quality method, reviewer qualification, calibration and adjudication, evidence traceability, security controls, management capacity, transparent limitations, and performance on a paid representative pilot. Do not select only on hourly rate, claimed contributor count, or a polished sample.

Should an AI evaluation RFP require a pilot?

Usually yes. A bounded paid pilot using one representative task family can test instructions, reviewer fit, calibration, quality controls, security, communication, turnaround, and evidence before either party commits to recurring volume. The RFP should state the pilot decision and acceptance method.

Which quality metrics belong in a managed evaluation contract?

Choose metrics after establishing a baseline. Depending on the work, use acceptance, rework, reviewer disagreement, adjudication, class-level error, severity-weighted error, rubric ambiguity, escalation, turnaround distribution, calibration drift, and audit findings. Define measurement ownership and exclusions rather than inserting unsupported targets.

What are red flags in an AI evaluation vendor proposal?

Red flags include guaranteed quality before task inspection, generic reviewers for specialist work, no independent calibration, unclear data reuse, unrestricted subcontracting, weak identity and access controls, no adjudication route, opaque quality metrics, no task-version traceability, and pricing that omits management, review, rework, or security requirements.

Use one representative task family to make the RFP concrete. Datrick can review technical fit, contributor requirements, task quality, calibration, security, management, and the smallest responsible pilot shape.