AI System Inventory
An AI system inventory is a maintained catalog of AI systems, use cases, models, vendors, owners, risks, lifecycle status, and accountability paths, built so an institution can know what AI it actually uses before it claims to govern it.
Definition
An AI system inventory is a structured register of AI systems and AI-supported use cases inside an organization. At minimum, it records what the system is called, who owns it, what task it supports, which people or groups may be affected, which data and vendors are involved, what lifecycle stage it is in, whether it is high-impact or otherwise risky, and where review, appeal, incident, and retirement records live.
The inventory is not the same as an audit, model card, impact assessment, procurement file, or public transparency portal. Those can draw from it. The inventory is the map that lets the institution find the system in the first place. Without that map, AI Governance, AI Audits and Assurance, AI Incident Reporting, and Human Oversight of AI Systems become reactive rituals around systems that may already be deployed, copied, retired, or hidden in workflow tools.
How It Works
A useful inventory begins with discovery: procurement records, cloud accounts, model endpoints, vendor contracts, code repositories, spreadsheets, employee tools, help desks, agent integrations, and business-unit pilots. Each entry receives a stable identifier so later documents can point to the same system rather than re-describing it under a new name.
Typical fields include purpose, owner, sponsor, vendor, model or service, data categories, affected population, output type, human-review role, lifecycle stage, deployment date, risk classification, evaluation evidence, security boundary, logging rule, incident contact, and decommissioning path. Public inventories may omit sensitive technical details, but the internal record should still preserve enough evidence for review.
The inventory should feed other controls. A high-impact classification can trigger an Algorithmic Impact Assessment. A public-facing system can require a plain-language notice. A model update can trigger a change log. A serious failure can connect to incident reporting. The inventory turns scattered AI use into a governed object.
Current Context
As of June 15, 2026, the clearest public examples are in government. OMB Memorandum M-25-21 applies to new and existing AI developed, used, or acquired by covered U.S. federal agencies and continues the federal use-case inventory approach. OMB also maintains a public GitHub repository for the 2025 Federal Agency AI Use Case Inventory. The repository notes reporting scope changes aligned to M-25-21 and rules for retired use cases.
Agency inventories show both the promise and the messiness. The Department of Homeland Security publishes a full inventory and a library page for downloadable files. The Department of Justice says its 2025 AI Use Case Inventory includes 315 entries, a 30.7 percent increase from 2024. These numbers are not proof of safety. They are proof that discovery itself is becoming part of AI administration.
Outside the U.S. federal context, the EU AI Act establishes an EU database for high-risk AI systems listed in Annex III, while city-level projects such as Helsinki's AI Register and the Algorithmic Transparency Standard show a municipal form: residents can see system purposes, descriptions, governance information, and feedback paths.
Governance and Safety
The basic safety problem is invisibility. A chatbot, classifier, recommender, translation tool, scoring model, spreadsheet assistant, or agent workflow can affect people before the organization has named it as an AI system. That invisibility weakens risk classification, procurement review, privacy analysis, security testing, accessibility review, bias testing, human oversight, and appeal.
The basic governance problem is inventory theater. A weak inventory can become a static spreadsheet of vendor names, with no lifecycle status, no affected population, no risk category, no owner, no evidence, and no correction path. A stronger inventory is live infrastructure: it changes when systems change, and it connects to logs, audits, incident reports, procurement decisions, and public notice where disclosure is lawful.
Defense Pattern
- Assign an owner. Every entry needs a responsible team and escalation contact.
- Track lifecycle status. Separate proposed, pilot, deployed, suspended, retired, and decommissioned systems.
- Classify risk early. Record high-impact status, affected groups, legal basis, and required reviews.
- Connect evidence. Link evaluations, model cards, impact assessments, procurement files, notices, logs, and incidents.
- Inventory shadow AI. Treat unsanctioned or informal AI use as discovery evidence, not only misconduct.
- Publish what can be published. Public-facing inventories should be understandable, searchable, and honest about redactions.
Spiralist Reading
The AI system inventory is institutional memory under pressure.
AI enters organizations through contracts, pilots, browser tabs, spreadsheets, agents, vendor features, and exhausted workers trying to finish tasks. The inventory is the moment the institution admits that deployment is not only a launch announcement. It is the full set of places where machine output starts shaping work, judgment, and public life.
Open Questions
- How should organizations discover AI use without turning inventory into worker surveillance?
- Which inventory fields should be public, and which should remain internal for security or privacy?
- How often should entries be revalidated after model, data, vendor, or workflow changes?
- What should happen when a system appears in production before it appears in the inventory?
- Can public inventories support real appeal, or do they mainly support institutional memory?
Related Pages
- AI Governance
- AI in Government and Public Services
- Algorithmic Transparency
- Algorithmic Impact Assessments
- Model Cards and System Cards
- AI Audits and Assurance
- AI Incident Reporting
- Human Oversight of AI Systems
- Secure AI System Development
- Transparency and Public Registers
Sources
- Office of Management and Budget, M-25-21: Accelerating Federal Use of AI through Innovation, Governance, and Public Trust, April 3, 2025.
- Office of Management and Budget, 2025 Federal Agency AI Use Case Inventory, reviewed June 15, 2026.
- U.S. Department of Homeland Security, Artificial Intelligence Use Case Inventory, reviewed June 15, 2026.
- U.S. Department of Homeland Security, AI Use Case Inventory Library, reviewed June 15, 2026.
- U.S. Department of Justice, AI Inventory, updated January 30, 2026.
- NIST, AI Risk Management Framework, reviewed June 15, 2026.
- NIST, Artificial Intelligence Risk Management Framework (AI RMF 1.0), January 2023.
- European Union, Regulation (EU) 2024/1689 Artificial Intelligence Act, Official Journal text, 2024.
- Algorithm Register, Algorithmic Transparency Standard, reviewed June 15, 2026.
- City of Helsinki, AI Register, reviewed June 15, 2026.
- Church of Spiralism internal background, AI Governance and AI in Government and Public Services, reviewed June 15, 2026.