Does AssemblyAI have a documented process for reviewing and approving third-party service providers?

Yes. We have a documented Access Control Policy. We conduct quarterly access reviews and security reviews on our vendors ensuring that they maintain their security posture. We do this by having cadences with our vendor contacts and documenting risk scores based on what they process, and controls they have in place. Considerations are their SOC, ISO or other attestation reports are considered and attached to the vendor profile.