How Do I Write an RFP for an AI Project?
A good AI RFP describes your current tech stack, your compliance constraints (HIPAA, SOC 2, etc.), the specific workflow you're automating, and how you'll measure success. It asks vendors to explain their deployment model, not just their capabilities. Without those specifics, you'll get polished pitches that are impossible to compare.
Why most AI RFPs produce useless responses
Most AI RFPs we see from SMBs read like software RFPs from 2015. They ask for a platform overview, a pricing table, and three references. Vendors respond with 40-slide decks that say everything and commit to nothing.
The problem is that AI projects fail at the integration and compliance layer, not the demo layer. If your RFP doesn't ask about those things, vendors have no reason to surface them until after you've signed.
What to include in an AI RFP, section by section
Start with your environment. List the software you're actually running: your CRM, EHR, scheduling tool, or whatever system the AI will touch. Name them specifically. If you're on Epic, say Epic. If you're on Salesforce, say Salesforce. This forces vendors to tell you whether they've done that integration before or whether they're guessing.
Next, state your compliance requirements explicitly. If you handle protected health information, say you require a signed BAA before work begins and ask vendors to confirm they can provide one. If you're in finance, ask about SOC 2 Type II certification. Vendors who can't meet your compliance bar will either disqualify themselves or, more likely, bury the issue. Your RFP should make it impossible to bury.
Then describe the actual workflow, not the outcome you want. Don't write 'we want to improve customer response time.' Write 'our front desk receives 200 inbound calls per day, 60% are appointment scheduling, and we want to automate those without a human in the loop.' That specificity lets vendors scope accurately and lets you compare proposals on the same terms. Close with your success metrics and timeline. Ask vendors to tell you what they need from your team during deployment and how long a realistic rollout takes for a project like yours.
When a formal RFP isn't the right tool
If you're a small business running a single-use-case pilot under $25,000, a formal RFP will slow you down without adding clarity. In that range, a one-page project brief with your compliance requirements, integration targets, and success criteria does the same job. Reserve the full RFP format for multi-system deployments, regulated industries, or projects with a procurement committee that needs a paper trail.
If you're in healthcare or finance and you're comparing vendors on price alone, stop. A vendor who can't sign a BAA or hasn't done your integration before will cost you more in remediation than they saved on the proposal.
How we respond to AI RFPs at Usmart
When we receive an RFP, the first thing we look for is a compliance section and a tech stack list. If those are missing, we ask for them before we write a single line of our response. We build private LLM deployments on models like Llama 3.1, not wrappers around public APIs, so the data environment question matters to us technically, not just contractually.
For regulated clients, we sign BAAs as a standard part of scoping, not as an afterthought. Our typical deployment runs 4 to 6 weeks for a focused workflow. Complex multi-agent systems take 8 to 12 weeks. We put those numbers in writing because a vague timeline in an RFP response is usually a sign the vendor hasn't actually scoped your project.
Ready to see it working for your business?
Book a free 30-minute strategy call. We will scope your use case and give you honest numbers on timeline, cost, and ROI.