Why the inventory question matters

Before your organisation can govern its AI, it must know what AI it has.

This sounds obvious. It is surprisingly difficult in practice. AI tools have proliferated across enterprise environments through multiple channels: tools purchased by IT, tools adopted by individual teams on business credit cards, tools embedded in software products your organisation uses, AI features activated within platforms already deployed, and agents deployed by employees who did not recognise them as AI systems requiring governance oversight.

The result, in most organisations, is that the true count of AI tools in active use is substantially higher than anyone's initial estimate. Some governance consulting practices report that structured inventory exercises routinely reveal two to four times the number of tools that organisations believed they were running.

This matters for one fundamental reason: you cannot govern what you cannot see. Risk assessment, accountability mapping, access control, audit evidence, and board reporting all depend on a prior question being answered accurately: what AI tools and use cases does this organisation actually have?

Three separate Australian regulatory frameworks have now made the answer a documented requirement.

The three regulatory frameworks that require an AI inventory

1. APRA's April 2026 letter: minimum expectation for all regulated entities

APRA's 30 April 2026 letter to all regulated entities stated that governance arrangements must include, at a minimum, an inventory of AI tooling and AI use cases, with ownership and accountability across the AI lifecycle.

This applies to every Australian bank (ADI), general and life insurer, private health insurer, and superannuation trustee. It is an explicit minimum expectation, not a best-practice recommendation. Entities that cannot demonstrate an AI inventory when APRA supervisory engagement begins are demonstrably below the minimum APRA has set.

The letter makes clear that the inventory is the foundation for the other governance elements APRA requires: you cannot assign ownership and accountability across the AI lifecycle if you do not know what AI tools and use cases exist, and you cannot provide board-level reporting on AI risk if the board does not know what AI the organisation is running.

2. The Australian Voluntary AI Safety Standard: Guardrail 10

The Australian Voluntary AI Safety Standard, published by the Department of Industry, Science and Resources, includes ten guardrails that constitute the government's view of responsible AI practice for organisations developing or deploying AI in Australia.

Guardrail 10, "Keep and maintain records", requires organisations to keep records of their AI systems, including documentation of system design decisions, datasets used, test results, and ongoing performance monitoring. While the standard is voluntary, it represents the government's articulated expectations for responsible AI practice, and regulators including ASIC have referenced the standard in describing their expectations of regulated entities.

For organisations that want to demonstrate governance maturity to regulators, clients, or boards, alignment with the Australian Voluntary AI Safety Standard is a meaningful benchmark, and that alignment begins with a documented AI inventory.

3. ISO 42001:2023: international baseline for AI management

ISO 42001:2023, the international standard for AI management systems, is increasingly referenced by Australian regulators and is now the baseline certification that regulated entities and their AI vendors are expected to seek.

Clause 4 of ISO 42001 requires organisations to determine the scope of their AI management system and to document the AI systems within that scope. Clause 6 extends this to risk assessment and planning, which cannot be conducted without a prior inventory of AI systems. The standard's documentation requirements at Clause 7.5 further require records of AI systems and their characteristics.

An organisation cannot credibly claim ISO 42001 alignment without a documented AI inventory. And as ISO 42001 becomes the reference point for APRA, ASIC, and the Australian Voluntary AI Safety Standard, the inventory becomes the documented foundation for multiple compliance obligations simultaneously.

What the AI inventory actually requires

An AI inventory is not a list of software licences. It is a structured record of AI systems, with enough information to enable governance decisions.

A complete AI inventory entry for a single system includes:

Identity: What is the AI tool or system? Who provides it? Is it a standalone tool, an embedded feature in another product, or an internally built system?

Purpose: What is the AI used for? What decisions does it influence or make? What processes does it support?

Deployment scope: Where is it deployed: which teams, which functions, which geographies? How widely is it used?

Data access: What data does the AI system access? Does it access personal information? Customer data? Financially sensitive data? Confidential business information?

Risk classification: Based on purpose, data access, and decision influence, what is the risk profile of this AI system? Is it a low-risk productivity tool, a medium-risk recommendation system, or a high-risk system that influences consequential decisions?

Owner: Who is the named human accountable for this AI system? This includes accountability for its performance, its access scope, its compliance with applicable obligations, and its decommissioning.

Third-party relationships: Is this AI supplied by a third party? Does it rely on an external model provider? What is the vendor relationship, and does it constitute a material service provider relationship for CPS 230 purposes?

Lifecycle status: When was this system deployed? Has it been reviewed? Is it currently in active use, in pilot, or being decommissioned?

Why inventory exercises consistently reveal more AI than expected

The gap between what organisations believe they are running and what a structured inventory reveals is consistently larger than people expect. Several factors explain this:

AI features embedded in existing software. Many business applications have incorporated AI features (AI-assisted search, AI-generated summaries, AI-powered recommendations) without those features being recognised as AI systems requiring governance. A project management tool's AI scheduling feature, a customer support platform's AI categorisation, a document editor's AI drafting assistant: these are all AI systems, and they are routinely excluded from initial AI inventories.

Team-level SaaS procurement. Teams frequently adopt AI tools independently using business credit cards, expense accounts, or software budgets without central IT visibility. These tools may handle sensitive data, connect to enterprise systems, and influence consequential decisions without any governance oversight.

Personal accounts used for work purposes. Employees using personal accounts for AI tools, because the organisation has not provided an enterprise option, create a particularly significant visibility gap. Data processed through personal accounts is outside the organisation's data governance controls entirely.

Shadow AI agents. AI agents deployed informally by teams, connected to enterprise systems via shared credentials, operating without documentation or named owners, are a rapidly growing category of invisible AI. They are often the highest-risk category in terms of access scope and autonomy, and the hardest to discover.

Building the inventory: a practical starting approach

Given the scale of the discovery challenge, the most effective approach to building an AI inventory is typically a structured exercise with defined phases rather than attempting to construct a comprehensive inventory from available records.

Phase 1: Central records review. Review IT procurement records, software licences, cloud infrastructure invoices, and approved vendor lists for AI tools that have been formally adopted. This establishes a baseline; it will not be complete, but it provides a starting point.

Phase 2: Business unit engagement. Survey each business unit and function directly. Ask about AI tools in use, AI features of existing software, and any AI-powered processes. The survey should define AI broadly, as "any tool that uses machine learning, generative AI, or automated decision-making", because teams frequently use AI tools without recognising them as such.

Phase 3: Network and infrastructure scan. Where available, review network traffic, API integration logs, and cloud service usage for AI service endpoints. This surfaces shadow AI deployments that are not captured by procurement records or self-reporting.

Phase 4: Validation and classification. For each identified system, validate the inventory record against the criteria above: purpose, data access, risk classification, owner, third-party relationship, lifecycle status. Fill gaps and escalate unowned systems for ownership assignment.

Phase 5: Ongoing maintenance. The inventory must be maintained. AI tool adoption is ongoing, and a point-in-time exercise becomes stale quickly. Establish a process for capturing new AI tool adoption, including team-level tools and embedded AI features, and for reviewing the inventory on a defined cycle.
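
As an added illustration of Phases 3 and 4 (example code written for this article, not taken from any regulator or standard), the sketch below reconciles outbound proxy traffic against the inventory and flags records with missing fields. The endpoint watchlist, the five-column log format, the field names and all sample data are assumptions constructed for the example; adapt them to your own proxy or DNS logs.

```python
from collections import defaultdict

# Assumption: a small watchlist of AI service hostnames; maintain your own list.
AI_ENDPOINTS = {"api.openai.com", "api.anthropic.com",
                "generativelanguage.googleapis.com"}

# Fields from the inventory entry list above (key names are this example's own).
REQUIRED = ("identity", "purpose", "deployment_scope", "data_access",
            "risk_classification", "owner", "third_party", "lifecycle_status")

# Constructed proxy log: timestamp, source host, account, destination, bytes sent
SAMPLE_LOG = """\
2026-05-04T09:12:01Z ws-fin-014 svc-shared api.openai.com 48213
2026-05-04T09:12:07Z ws-mkt-003 jlee api.anthropic.com 1022
2026-05-04T09:13:44Z ws-fin-022 svc-shared api.openai.com 51200
2026-05-04T09:14:02Z ws-hr-021 apatel intranet.example.internal 300
"""

# Constructed inventory: one record, with no named owner yet.
SAMPLE_INVENTORY = [{
    "identity": "Marketing copy assistant", "endpoint": "api.anthropic.com",
    "purpose": "Draft campaign copy", "deployment_scope": "Marketing, AU",
    "data_access": "No personal information", "risk_classification": "low",
    "owner": "", "third_party": "External model provider",
    "lifecycle_status": "pilot",
}]

def observed_ai_usage(log_text):
    """Phase 3: map each AI endpoint seen in the log to its (host, account) sources."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[3].lower() in AI_ENDPOINTS:
            seen[parts[3].lower()].add((parts[1], parts[2]))
    return dict(seen)

def shadow_ai(log_text, inventory):
    """Endpoints with traffic but no inventory record, with who is using them."""
    recorded = {rec.get("endpoint") for rec in inventory}
    return {ep: sorted(src) for ep, src in observed_ai_usage(log_text).items()
            if ep not in recorded}

def incomplete_records(inventory):
    """Phase 4: list missing or empty required fields per record."""
    gaps = {rec.get("identity", "<unnamed>"):
            [f for f in REQUIRED if not str(rec.get(f, "")).strip()]
            for rec in inventory}
    return {name: missing for name, missing in gaps.items() if missing}
```

On the sample data, the shared service account reaching an unrecorded endpoint from two finance workstations is the kind of finding that should go to ownership assignment first.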

The inventory as the foundation for everything else

An AI inventory is not the destination. It is the prerequisite for every other governance activity your organisation needs to conduct.

You cannot assess risk without knowing what AI systems exist. You cannot assign accountability without knowing what needs an owner. You cannot conduct AI audits without a system of record to audit against. You cannot produce board reports on AI exposure without a complete picture of what AI the organisation is running. You cannot satisfy APRA's supervisory questions about AI governance without the inventory that those questions presuppose.

For organisations in APRA-regulated sectors, the April 2026 letter has made the inventory timeline clear. APRA supervisory activities are expected to begin in the next 12 months, and the inventory is explicitly listed as a minimum requirement. Entities that have not completed this work face two risks: the direct supervisory risk of demonstrating inadequate governance to APRA, and the underlying operational risk of governing AI they cannot see.

For organisations outside the regulated sector, the three frameworks cited above, the Australian Voluntary AI Safety Standard, ISO 42001, and the clear direction of regulatory travel across ASIC, the OAIC, and state and territory regulators, all point in the same direction.

The AI inventory is the starting point. If you have not built one, that is where governance work should begin.


Regulatory references: APRA Letter to Industry on Artificial Intelligence (AI), 30 April 2026; Australian Voluntary AI Safety Standard, Department of Industry, Science and Resources; ISO/IEC 42001:2023, AI management systems. This article is general information and does not constitute legal or compliance advice.