AI Vendor Selection Playbook for CIOs India 2026

The number of AI-vendor conversations on a CIO's calendar in 2026 has tripled. Procurement, architecture, compliance, and business-unit leaders each show up with a preferred provider and a confident slide. The CIO's job is to convert the noise into a two-provider plus domestic-sovereign architecture with a defensible 3-year envelope and a working exit path.

This playbook is structured around that job. It ranks the six credible names for Indian deployment, gives you a TCO model to fill in, and provides SLA and exit-negotiation tactics that stand up in a second-round negotiation.

What You'll Learn

• Six-provider comparison from an Indian deployment lens
• 3-year TCO model with India-specific line items
• Lock-in risk anatomy and how to reduce it
• SLA negotiation levers and traps
• Exit strategy — from signal to migration
• Procurement checklist for AI vendor contracts

The Six Names You Are Actually Comparing

For an Indian enterprise in 2026, the realistic shortlist is six:

1. OpenAI (direct) — GPT, o-series, via api.openai.com.
2. Anthropic (direct) — Claude, via api.anthropic.com.
3. Google Cloud Vertex AI — Gemini plus Model Garden, Indian regions.
4. AWS Bedrock — Claude, Llama, Titan, Mistral, Indian regions.
5. Azure OpenAI / Azure AI Foundry — GPT, o-series, and other models, Indian regions.
6. Domestic sovereign cloud — Yotta, Tata Communications, CtrlS, Nxtra, Sify, or MeghRaj — hosting open-weight models or partnered frontier access.

Direct provider APIs (OpenAI, Anthropic) remain leaders for raw model access and latest-feature availability. Hyperscaler-hosted options are where Indian enterprises land for DPDP-sensitive workloads because of Indian regions, enterprise contracting, and integrated compliance tooling. Domestic sovereign is the default for critical-information-infrastructure and where cross-border exposure is unacceptable.

Comparison From the Indian Deployment Lens

| Dimension | OpenAI direct | Anthropic direct | Google Vertex AI | AWS Bedrock | Azure OpenAI | Domestic sovereign | |---|---|---|---|---|---|---| | Frontier models | GPT, o-series | Claude | Gemini, Model Garden (Claude too) | Claude, Llama, Titan, Mistral | GPT, o-series | Open-weight + partnerships | | India region | No (US default) | No (US default) | asia-south1, asia-south2 | ap-south-1, ap-south-2 | Central/South/West India | Indian data centres | | Enterprise contracting | Enterprise tier | Enterprise tier | GCC/Cloud customer | AWS enterprise | Microsoft EA | Direct MSA | | Typical SLA | Enterprise 99.9%+ | Enterprise 99.9%+ | 99.9% | 99.9% | 99.9% | 99.5–99.9% | | DPDP posture | DPA on enterprise | DPA on enterprise | Robust, India region | Robust, India region | Robust, India region | Strongest sovereignty | | Latest-feature availability | First | First or near-first | Near-first | Varies by model | Near-first for OpenAI models | Lagging frontier | | Integration with Indian ecosystem | Limited | Limited | BigQuery, GCP services | AWS services | Microsoft 365 EA | Local integrators | | Best fit | R&D, prototypes | R&D, prototypes | Cost-sensitive high-volume, BigQuery-centric | Claude-anchored workloads, AWS-centric | Microsoft-centric firms, GPT workloads | CII, defence-adjacent, strict sovereignty |

For deeper feature and pricing comparison across the three hyperscaler platforms, see VertexAI vs Bedrock vs Azure.

The 3-Year TCO Model

Fill this table in with your own assumptions. Review every 6 months.

| TCO line | Year 1 | Year 2 | Year 3 | Driver | |---|---|---|---|---| | Token usage (input + output) | ₹ | ₹ | ₹ | Volume × token price; assume 20–30% per-token price decline annually, 60–120% volume growth | | Platform and surrounding service fees | ₹ | ₹ | ₹ | Vector DB, managed RAG, guardrails API, evaluation tools | | Integration and custom build | ₹ | ₹ | ₹ | Year-1 heavy, tapers; onboarding a secondary provider adds 20–30% of year-1 build | | Internal team (AI platform, MLOps, governance) | ₹ | ₹ | ₹ | Fully-loaded; grows with use-case count | | Compliance and audit (incl. ISO/IEC 42001 readiness) | ₹ | ₹ | ₹ | Cert year spike, then steady-state | | Training and enablement | ₹ | ₹ | ₹ | Heaviest year 1; refresh in years 2–3 | | Incident and rework reserve | ₹ | ₹ | ₹ | 3–8% of value lines | | Exit/switching reserve | ₹ | ₹ | ₹ | 5–10% of total; builds from year 1 |

Add two sensitivity cases — best case (faster price decline, slower volume growth) and worst case (slower price decline, faster volume growth, incident).

For the narrative ROI layer sitting alongside TCO, see the AI ROI measurement framework.

Lock-In Risk Anatomy

Lock-in is not one thing; it is six.

| Lock-in vector | Severity | Mitigation | |---|---|---| | Prompt specificity to a model | High | Prompt abstraction layer; per-model thin adapters | | Proprietary fine-tuning weights | High | Prefer RAG, portable fine-tuning (LoRA), exportable adapters | | Embedding vectors | Medium | Store text + regenerate embeddings on provider switch; or keep open-source embedding model | | Managed RAG / Knowledge Base | High | Own the vector store; treat managed RAG as a convenience, not foundation | | Agents / tools / connectors | Medium | Build tools on open standards (OpenAPI, MCP) | | Data gravity | High | Multi-region, multi-cloud storage strategy |

An abstraction layer from day one is the single biggest lock-in reducer. For engineers, see Build with AI APIs and keep prompt templates and tool specifications in your repo, not in a vendor console.

SLA Negotiation — Levers and Traps

Levers

• Volume commitment — a committed annual token spend in exchange for price protection or rebates.
• India-region guarantee — written commitment that your data and inference stay in a named region.
• Data exclusion — contractual guarantee that prompts and outputs are not used for training.
• Named incident-response SLA — time to acknowledge, time to mitigation, time to root-cause report.
• Right to audit — in person or via a contracted auditor on reasonable notice.
• Model deprecation notice — minimum 12 months with a clear migration path.

Traps

• High headline availability, weak credit schedule. 99.9% with a maximum of 10% monthly-bill credit is weak remedy.
• "Commercially reasonable efforts" language. Insist on concrete obligations.
• Sub-processor substitution rights — the provider reserving the right to change cloud region mid-contract undermines DPDP posture.
• IP indemnity carve-outs — copyright liability for model-generated output is a live issue; negotiate a defensible indemnity.
• Term auto-renewal longer than 12 months.
• Exclusivity clauses — do not accept; your abstraction layer is a feature, not a flaw.

Exit Strategy — Signal to Migration

Exit is not an emergency plan; it is an ongoing capability.

Signals That Trigger Consideration

• Material pricing change not consistent with market direction.
• Model deprecation without a credible successor.
• Repeated SLA miss with weak root-cause response.
• Regulator guidance that complicates the vendor's compliance posture.
• Vendor corporate event (acquisition, strategic pivot) affecting commitments.
• Benchmark gap — your primary model falling materially behind alternatives on your evaluation suite.

The 9-Month Exit Timeline

• Month 0 — decision taken; notify procurement and legal.
• Month 1–2 — run full eval harness against the new primary.
• Month 3–4 — migrate prompts and tool definitions; retrain adapters.
• Month 5–6 — shadow-run new vendor on 10–20% of traffic.
• Month 7–8 — cut over workloads in waves; keep old vendor as fallback.
• Month 9 — formal contract wind-down; data return.

An exit that takes 9 months in the drawer and 3 weeks on the floor is the goal.

Procurement Checklist for AI Vendor Contracts

• [ ] India-region hosting for personal and sensitive data, named in the contract.
• [ ] DPDP-aligned DPA with sub-processor list and notification clock.
• [ ] Training-data exclusion with audit right.
• [ ] Model deprecation notice of 12 months minimum.
• [ ] SLA with enforceable credit schedule and incident-response clock.
• [ ] IP indemnity for generated output with a defensible cap.
• [ ] Data export in standard formats on termination.
• [ ] Audit right — in person or via contracted auditor.
• [ ] Price protection or tiered rebates on volume.
• [ ] No exclusivity clauses.
• [ ] Force-majeure and geopolitical-risk clauses reviewed by legal.

Framework — Choosing Your Primary and Secondary

Pick a primary based on:

1. Dominant workload profile (chat, code, long-context, multimodal).
2. Regulator overlay for your sector.
3. Cloud already in use for data workloads.
4. Microsoft / Google / AWS enterprise agreement leverage.

Pick a secondary based on:

1. Diversification across both vendor and hosting jurisdiction.
2. Model family complement (if primary is GPT, secondary Claude or Gemini).
3. Credible price pressure on primary at renewal.

Add a third option — domestic sovereign — as your fallback for workloads that cannot cross borders.

For the security and residency controls stitching these vendors together, see the AI security and data residency guide.

Worked Example — A 2000-Employee Indian IT Services Firm

• Primary — Anthropic Claude via AWS Bedrock in ap-south-1 for code-review, contract review, and customer-facing chat.
• Secondary — Google Vertex AI Gemini 2.5 Flash in asia-south1 for high-volume low-cost workloads (summarisation, classification).
• Third — Azure OpenAI in Central India for Microsoft 365 Copilot and knowledge-worker flows (bundled with the firm's EA).
• Sovereign fallback — open-weight Llama on Yotta for the most sensitive client workloads.
• Abstraction layer — thin internal wrapper over LangChain; all prompts in repo; eval harness runs weekly against all four options.

Year-1 TCO envelope around ₹6–9 Cr; 3-year envelope ₹18–25 Cr; exit reserve ₹1.5 Cr held back as year-1 contingency. Numbers are illustrative; every firm's shape is different.

Key Takeaways

• Multi-vendor from day one with a clear primary and a credible secondary.
• Abstraction layer is the single biggest lock-in reducer; build it before you need leverage.
• TCO is a 3-year band with named drivers, not a point estimate.
• Lock-in is six vectors; prompt specificity and managed RAG are the highest.
• SLA credit schedules tell you more than headline availability.
• Exit capability must be continuously exercised, not drawer-drilled.
• India region, training-data exclusion, and DPDP-aligned DPA are non-negotiable contract terms.
• Domestic sovereign cloud is a real third leg for CII and defence-adjacent workloads.

Official Resources

• Google Vertex AI documentation
• AWS Bedrock documentation
• Azure AI services documentation
• Anthropic — Enterprise
• OpenAI Enterprise
• NIST AI RMF 1.0 (PDF)
• ISO/IEC 42001:2023
• DPDP Act 2023 (MeitY PDF)

Next Steps

• Compare platforms at feature and pricing level in VertexAI vs Bedrock vs Azure
• Set up platforms with the Google Vertex AI setup guide and AWS Bedrock setup guide
• Anchor TCO to ROI with the AI ROI measurement framework
• Apply the security stack in the AI security and data residency guide
• Stand up governance with the AI governance framework guide
• Track the AI model landscape with latest AI models 2026

Last updated: April 19, 2026