AI Model Inventory

The authoritative record of AI assets in production, including ownership, risk tier, lifecycle stage, data access, and assessment status. It exists to support accountability, auditability, and governance. Unlike a catalog, it is designed to answer who is responsible and whether the asset remains within approved bounds.

Expanded Definition

An AI model inventory is the operational source of truth for AI assets that are deployed, approved, or otherwise in use. It records who owns each model, what it does, where it runs, what data it touches, and whether security, privacy, and governance checks remain current. In practice, it sits closer to governance than to documentation. A catalog may describe what exists, but an inventory is expected to answer who is accountable and whether the model is still within approved bounds.

For NHI Management Group, the term also matters because AI models often depend on service identities, API keys, and other secrets to reach data and tools. That makes the inventory a control surface for both model risk and NHI exposure. Standards do not yet define one universal inventory format, so usage in the industry is still evolving. Common practice borrows from control mapping concepts in the NIST Cybersecurity Framework 2.0, but organisations often adapt the record to local risk and audit needs. The most common misapplication is treating a model inventory as a static spreadsheet, which occurs when updates do not follow deployment, retraining, or access changes.

Examples and Use Cases

Implementing an AI model inventory rigorously often introduces maintenance overhead, requiring organisations to weigh governance visibility against the cost of keeping records continuously current.

  • A bank tracks every fraud detection model with owner, training dataset class, approval date, and rollback plan so reviewers can see when a model drifts outside tolerance.
  • A product team records which models call customer APIs through service accounts, then links those entries to secret rotation evidence and access review dates.
  • A healthcare provider inventories triage models separately from chat assistants because each has different data access, clinical risk, and reassessment cadence.
  • An enterprise adds each production model to the inventory only after security sign-off, drawing on lessons reflected in the DeepSeek breach and the NIST Cybersecurity Framework 2.0 to ensure owners, dependencies, and control status are explicit.
  • A regulated SaaS provider marks experimental models as non-production until monitoring, approval, and human escalation paths are documented, preventing accidental promotion.

Why It Matters in NHI Security

An AI model inventory reduces blind spots where model access, embedded credentials, and vendor dependencies become invisible to security teams. Without it, organisations often lose track of which models can reach sensitive systems, which service identities they use, and which approvals have expired. That is not just a governance gap. It is how AI risk becomes an NHI problem, because unmanaged model-to-system access can leave secrets exposed long after deployment has changed. NHIMG research on the State of Secrets in AppSec shows that only 44% of developers follow secrets management best practices, while the average remediation time for a leaked secret is 27 days, a combination that makes inventory accuracy matter operationally rather than administratively. The same inventory discipline helps correlate model ownership with secret storage, rotation, and access exceptions before an audit or incident forces the issue. Organisations typically recognise the need for a reliable AI model inventory only after a model is found to have unauthorised access or an exposed secret, at which point the question of accountability can no longer be deferred.
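The record fields described above (owner, risk tier, lifecycle stage, data access, assessment status) and the use cases that link models to service accounts, secret rotation evidence and access review dates can be expressed as a small checkable inventory. The following is an added example written for this page, not NHIMG's own tooling or a published inventory format; the field names, the policy thresholds (reassessment every 180 days, secret rotation every 90 days, access review every 365 days) and the two sample records are constructed assumptions. It shows the two things the text says an inventory must answer, who is accountable and whether the asset is still within approved bounds, and it treats retraining, redeployment and access changes as events that invalidate the last assessment, so the record does not decay into the static spreadsheet the text warns about.

```python
"""Minimal AI model inventory with bounds checks.

Added illustration for this glossary entry; not NHIMG code and not a
standard inventory schema. Thresholds and sample data are assumptions.
"""
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Dict, List, Optional

# Policy thresholds (assumed for illustration, tune to local risk appetite).
REASSESS_EVERY = timedelta(days=180)       # assessment older than this is stale
ROTATE_SECRETS_EVERY = timedelta(days=90)  # cadence for service-identity secrets
ACCESS_REVIEW_EVERY = timedelta(days=365)  # cadence for access reviews

# Events that change what the model can do or reach, so the old assessment
# no longer describes the deployed asset.
INVALIDATING_EVENTS = {"retrained", "redeployed", "access_changed"}


@dataclass
class ServiceIdentity:
    """A non-human identity the model uses to reach data or tools."""
    name: str
    last_rotated: date
    last_access_review: date


@dataclass
class ModelRecord:
    """One inventory row: accountability plus control status."""
    model_id: str
    owner: Optional[str]
    risk_tier: str                  # "low" | "medium" | "high"
    lifecycle: str                  # "experimental" | "production" | "retired"
    data_classes: List[str]         # data the model touches
    security_signoff: Optional[date]
    last_assessed: Optional[date]
    escalation_path: bool           # human escalation path documented?
    identities: List[ServiceIdentity] = field(default_factory=list)


def check_model(m: ModelRecord, today: date) -> List[str]:
    """Return findings explaining why the model is outside approved bounds."""
    findings: List[str] = []
    if not m.owner:
        findings.append("no accountable owner")
    if m.lifecycle == "production":
        if m.security_signoff is None:
            findings.append("production without security sign-off")
        if not m.escalation_path:
            findings.append("production without documented human escalation path")
    if m.last_assessed is None or today - m.last_assessed > REASSESS_EVERY:
        findings.append("assessment missing or stale")
    for nhi in m.identities:
        if today - nhi.last_rotated > ROTATE_SECRETS_EVERY:
            findings.append(f"secret for {nhi.name} not rotated within policy")
        if today - nhi.last_access_review > ACCESS_REVIEW_EVERY:
            findings.append(f"access review overdue for {nhi.name}")
    return findings


def record_event(m: ModelRecord, event: str) -> ModelRecord:
    """Keep the inventory living: lifecycle events invalidate the assessment."""
    if event in INVALIDATING_EVENTS:
        m.last_assessed = None
    return m


def audit(inventory: List[ModelRecord], today: date) -> Dict[str, List[str]]:
    """Map each out-of-bounds model_id to its findings (clean models omitted)."""
    report: Dict[str, List[str]] = {}
    for m in inventory:
        findings = check_model(m, today)
        if findings:
            report[m.model_id] = findings
    return report


# Constructed sample data (not real systems).
TODAY = date(2025, 6, 1)


def build_sample_inventory() -> List[ModelRecord]:
    fraud = ModelRecord(
        model_id="fraud-scoring-v3", owner="fraud-risk-team", risk_tier="high",
        lifecycle="production", data_classes=["transactions", "customer-pii"],
        security_signoff=date(2025, 1, 10), last_assessed=date(2025, 3, 1),
        escalation_path=True,
        identities=[ServiceIdentity("svc-fraud-db", date(2025, 4, 15), date(2024, 9, 1))],
    )
    assistant = ModelRecord(
        model_id="support-chat-assistant", owner=None, risk_tier="medium",
        lifecycle="production", data_classes=["support-tickets"],
        security_signoff=None, last_assessed=date(2024, 10, 1),
        escalation_path=False,
        identities=[ServiceIdentity("svc-crm-api", date(2025, 1, 20), date(2024, 3, 1))],
    )
    return [fraud, assistant]


if __name__ == "__main__":
    inventory = build_sample_inventory()
    for model_id, findings in audit(inventory, TODAY).items():
        print(model_id, "->", "; ".join(findings))
    record_event(inventory[0], "retrained")
    print(audit(inventory, TODAY))
```

Run as a script, the first audit reports nothing for the fraud model and six findings for the chat assistant (missing owner, no sign-off, no escalation path, stale assessment, an unrotated secret and an overdue access review); after the retraining event the fraud model reappears with a single stale-assessment finding, which is the reassessment trigger the text calls for.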

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Agentic AI Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and the NIST AI RMF set the governance and control requirements practitioners need to meet.

| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | GV.OC-01 | AI model inventories support clear organisational context and asset accountability. |
| NIST AI RMF | MAP | AI RMF maps AI systems so risks, roles, and lifecycle status stay visible. |
| OWASP Agentic AI Top 10 | Agentic AI guidance | Emphasizes tracking tool-enabled models and their boundaries. |

Maintain a living inventory that ties each model to risks, controls, and reassessment triggers.