AI System Inventory

the list of every AI system you're running. most companies don't have one. 60% of employees use AI at work and only 18% know there's a policy.

"asked the CTO how many AI systems we have in production. he said twelve. the audit found forty-three. thirty-one of them were built by people who don't report to him."
"we have an AI inventory. it was last updated in Q2 2024. it lists four systems. the marketing team alone is running six."
"found out our EU AI Act registration covers three systems. our actual footprint is closer to sixty. the compliance team was not amused."
Share this one
Canonical Definition

A centralised register of all AI systems, applications, and agents deployed within the organisation. Required by the EU AI Act (Art. 49) for high-risk systems. The inventory captures structured metadata: system purpose, risk classification, data sources, model type, deployment status, designated owner, severity level, and regulatory applicability. Without an inventory, every subsequent governance control operates on an incomplete picture of the organisation’s actual AI footprint.

Why It Matters

The AI system inventory is the precondition for everything else in AI governance. You cannot assess risk on systems you do not know exist. You cannot assign severity levels to systems you have not catalogued. You cannot demonstrate EU AI Act compliance for systems that are not in your register. The inventory is not governance itself — it is the map without which governance navigates blind.

The scale of the problem is quantifiable. Research from Salesforce (2024) found that 60% of employees use AI at work, but only 18% know their organisation has an AI policy. A separate Cisco study found that 90% of enterprises are concerned about shadow AI and 80% have already experienced negative incidents from unsanctioned AI use. The gap between organisational awareness and actual AI deployment is not a rounding error. It is a structural governance failure.

The EU AI Act makes the inventory a legal requirement. Article 49 requires deployers of high-risk AI systems to register them in the EU database before placing them on the market. But the regulatory requirement captures only a fraction of the problem. Most AI governance failures involve systems that were never classified as high-risk — because they were never classified at all, because nobody knew they existed.

The Stress Test

A regulator asks for your AI system inventory. You produce a spreadsheet listing 15 systems, each with a risk classification, designated owner, and deployment date. The regulator then asks your IT security team for a network scan of API calls to external AI services. The scan identifies 47 distinct AI service endpoints being called from your corporate network. Thirty-two of them are not in your inventory.

The regulator asks who owns the 32 unregistered systems. You do not know. They ask what data these systems process. You do not know. They ask whether any of them would qualify as high-risk under the EU AI Act. You cannot answer, because you have not assessed systems you did not know existed. Your inventory was not wrong. It was incomplete. And incomplete, in this context, is the same as wrong.

In the Wild

Enterprise — Samsung Semiconductor, 2023
Confidential Source Code Leaked via Shadow AI

Within three weeks of Samsung allowing employees to use ChatGPT, engineers in the semiconductor division pasted confidential source code, internal meeting notes, and proprietary test sequences into the tool. Three separate incidents were identified. The data was submitted to an external AI service that Samsung did not control, monitor, or include in any AI inventory. The company banned generative AI use entirely — a response that acknowledged the inventory failure: they could not govern tools they could not see, so they removed them all.

Samsung did not have an AI inventory problem. It had an AI visibility problem. The inventory was zero. The usage was company-wide. The gap was everything.

Research — Microsoft & LinkedIn, 2024
75% of Knowledge Workers Use AI; Organisations Don't Know Which Tools

Microsoft’s 2024 Work Trend Index, based on a survey of 31,000 people across 31 countries, found that 75% of knowledge workers use AI at work. Of those, 78% bring their own AI tools to work (BYOAI) — tools the organisation did not provision, does not manage, and in most cases does not know about. The report found that only 39% of AI users received AI training from their employer. The remaining 61% are using tools the organisation cannot see, on data the organisation cannot track, with no training on acceptable use.

Three out of four employees use AI. Three out of four of those brought their own. Your AI inventory is missing approximately 56% of your actual AI footprint. That is not a gap. That is most of the picture.

Regulatory — EU AI Act Database, 2025
The Registration Requirement Nobody Is Ready For

Article 49 of the EU AI Act requires providers and deployers of high-risk AI systems to register them in the EU database before placing them on the market or putting them into service. The registration must include the system’s intended purpose, a description of how the system works, conformity assessment results, and contact details for the responsible person. Early compliance assessments by the European AI Office found that fewer than 20% of organisations that deploy high-risk AI systems had completed an internal inventory sufficient to support Article 49 registration. The systems existed. The inventory did not.

You cannot register what you have not inventoried. You cannot inventory what you have not discovered. Discovery is the first governance act. Most organisations have not started.

How to Govern It

An AI inventory is not a spreadsheet. It is a living system with discovery, classification, ownership, and maintenance.

Within the AI Control Index, the AI system inventory is the foundational artifact of the GRC shield:

  • Discovery (S1) — Active scanning for AI systems across the organisation. This includes provisioned enterprise tools, shadow AI (BYOAI), embedded AI within SaaS products, and AI components in vendor-supplied software. Discovery is not a one-time event. It is a continuous process.
  • Classification — Each discovered system is assigned a severity level (1–5) based on blast radius, autonomy level, data sensitivity, and regulatory applicability. High-risk systems under the EU AI Act receive mandatory classification. All systems receive governance classification.
  • Registration — Structured metadata captured in the centralised register: system purpose, model type, data sources, deployment environment, owner, severity level, regulatory classification, and gate status. The register is the single source of truth for the organisation’s AI footprint.
  • Ownership — Every system has a named owner (operational responsibility) and a named accountable executive (governance responsibility). Unowned systems are flagged for immediate remediation or decommissioning.
  • Maintenance — The inventory is updated when systems are deployed, modified, decommissioned, or reclassified. Staleness checks ensure the inventory reflects the current state, not the state at last audit.

When It's Relevant

Every organisation that uses AI in any form. The inventory is the precondition for all other governance activities. If your organisation cannot produce a complete list of its AI systems, owners, and risk classifications, every governance claim built on that foundation is suspect.

Inventory governance is most critical when:

  • The organisation is preparing for EU AI Act compliance and needs to identify registrable high-risk systems
  • Shadow AI adoption has outpaced governance — employees are using AI tools the organisation did not provision
  • M&A due diligence requires an accurate picture of AI exposure across the combined entity
  • An incident reveals AI systems that were not in the inventory, triggering a discovery and remediation cycle
  • Board or audit committee requests evidence that the organisation knows its AI footprint

See this control in the framework. AI system inventory governance is operationalised through GRC (S1), severity classification, and the Evidence Factory in the AI Control Index v6.0.

Open Framework →

Related Terms

References

  1. [1] European Parliament and Council of the European Union (2024) Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence (Artificial Intelligence Act), Article 49. Official Journal of the European Union, L series.
  2. [2] Salesforce (2024) The Promises and Pitfalls of AI at Work. Salesforce Research.
  3. [3] Cisco (2024) 2024 Data Privacy Benchmark Study. Cisco Systems, Inc.
  4. [4] Microsoft and LinkedIn (2024) 2024 Work Trend Index Annual Report: AI at Work Is Here. Now Comes the Hard Part. Microsoft Corporation.
  5. [5] OECD (2024) OECD Framework for the Classification of AI Systems. OECD Digital Economy Papers, No. 349. Paris: OECD Publishing.
  6. [6] NIST (2024) Artificial Intelligence Risk Management Framework: Generative AI Profile (AI 600-1). National Institute of Standards and Technology, U.S. Department of Commerce.
  7. [7] Raji, I.D., Smart, A., White, R.N., Mitchell, M., Gebru, T., Hutchinson, B., Smith-Loud, J., Theron, D. and Barnes, P. (2020) ‘Closing the AI Accountability Gap: Defining an End-to-End Framework for Internal Algorithmic Auditing’, Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency (FAT*), pp. 33–44.

AI Control Index v6.0 · Glossary · June 2026 · i-DEPOT 158508 (BOIP) · CC BY-NC-ND 4.0

By Jeroen Janssen, Apparens