Skip to content
Contact us
  • There are no suggestions because the search field is empty.

AI Autofill on Questionnaires

Overview

Use AI autofill to have UpGuard suggest answers to uploaded questionnaires based on documents (evidence) you provide.

How it works:

  • You receive a security questionnaire from a potential vendor.
  • You upload the questionnaire to Trust Exchange and select which evidence you want UpGuard to use.
  • UpGuard uses the selected evidence to suggest answers for the questionnaire.
  • You review suggestions and accept, reject, or edit as you go.
  • You save your responses and move even faster through the next questionnaire.

The result: you save time and vendors still get the answers they need.

Accepted source documents

AI autofill on Trust Exchange can reference content in the following document types:

  • PDF
  • Excel
  • Questionnaires completed in UpGuard

Not accepted:

  • Image files (including images embedded in PDFs)
  • Password-protected files (including PDFs)

🧠 Tailor source documents to the topics in the questionnaire. SOC 2 reports, information security policies, and past questionnaires are good defaults.

Run AI autofill

Import a questionnaire or open an existing questionnaire (Trust Exchange>Answer Questionnaires>select a questionnaire>edit answers). From the questionnaire responder (where you can input and edit answers):

  1. Click the Tools (hammer icon) at the bottom of the page.
  2. Click Run autofill.
  3. Select evidence. This is the evidence that UpGuard will be using to formulate answer suggestions. Only selected evidence is used.
    1. Upload new documents using the upload field.
    2. Click the checkmark next to existing documents to select those as sources.
  4. Adjust settings.
    1. Autofill empty fields only: toggle this on to have AI autofill ignore any questions with existing answers and preserve answers you've already provided.
    2. Apply persona: apply one of four default personas or create a custom persona. Read more about personas.
  5. Click Run autofill.
  6. Autofill will begin drafting suggestions. You can navigate away from the page while it does this.
  7. Click Continue answering.
  8. You’ll see where autofill has suggested answers and you can accept, reject, or edit each response. If you accept responses, you’ll see an AI icon designating that the response came from AI autofill, along with a link to the source used to reach that response.
  9. Click Submit when you’re ready to complete your questionnaire.

The sender is notified that your questionnaire has been submitted. If necessary, you can update your answers after submission and the recipient will be notified of any changes.

❗ Submitting with unreviewed suggestions accepts them all as-is.

AI personas

Apply a persona or write a custom prompt to control how the AI generates responses. Custom prompts let you tailor the tone, format, and length of suggestions, and steer how the AI handles missing information.

Available personas

Persona

Description

Security analyst

A no-fluff technical steward using formal, objective language and a bias towards industry-standard terminology. Responses are detailed and lengthy, prioritizing technical specs over marketing.

Instead of apologizing for gaps, it proactively highlights compensating controls and roadmaps.

Sales engineer

A confident, persuasive advisor using punchy, accessible language that minimizes jargon. Responses are concise and high-impact, framing security as a customer benefit.

Focuses on ease of adoption and frames technical facts as competitive advantages.

CISO

An authoritative executive voice focusing on strategic so-what outcomes. Responses are moderate in length, balancing technical posture with business enablement.

Prioritizes regulatory alignment (SOC2, GDPR) and operational resilience over granular settings.

Default

A direct, professional, and neutral tone. Responses are standard in length and strictly written from a third person perspective (other personas will use third persona language as needed).

This is a strong baseline.

Custom

User-defined. Tone, language, and length are variable based on the specific prompt instructions you provide.

Tips for using a custom persona

  • Set the tone, format, or length of responses. Example: Keep responses extremely brief (max 2 sentences) in bulleted format. Use modern, casual but professional language that emphasizes our cloud-native agility and use of automated compliance tools.
  • Prescribe language defaults. Example: Prioritize GDPR and CCPA terminology. Whenever data storage is mentioned, explicitly state that all data is encrypted at rest and in transit using industry-standard protocols.
  • Create style guide choices. Example: Always reference specific document names (e.g., 'Refer to the Information Security Policy') when describing a control, and use a tone that is ready for a Big Four audit.

🎵 Custom prompts have a 5000 character limit.

Configure .xlsx import

UpGuard will automatically parse standardized questionnaires to determine which columns contain questions, requirements, and answer options. You can adjust these specifications or set them (if UpGuard was unable to automatically process the questionnaire).

What to do:

  • Select which sheets to include. Sheets are listed at the top of the modal. By default, all sheets are included. Uncheck Include this sheet to exclude a sheet. You’ll need to exclude any instruction sheets or sheets that don’t have questions/answers.
  • Tell UpGuard how to read each sheet.
    • Required
      • One question column
      • One answer column
      • A starting row
    • Optional
      • A number column
      • Heading rows (you can specify multiple heading rows)
      • Non-question rows (you can specify multiple heading rows)