Start by attributing each model call to a specific team, service, or workflow, then capture token counts and pricing in real time. Showback should be used to create visibility and behaviour change before any billing is enforced. If the organisation cannot trust the numbers, it is too early for chargeback.
Why This Matters for Security Teams
AI showback is not just a finance exercise. In production, it becomes a control point for understanding which team, service, or workflow is consuming model capacity, how quickly usage is growing, and whether those calls map to approved business outcomes. Without attribution, security teams cannot distinguish legitimate automation from misuse, nor can they spot runaway agents, prompt loops, or hidden dependencies before costs and risk expand together. That is why showback should be built as an operational visibility layer, not a retrospective spreadsheet.
The practical concern is that model usage often behaves like other non-human identity activity: distributed, fast-moving, and easy to obscure when workloads are shared. NHI governance guidance from NHI Management Group and the evidence summarized in The State of Non-Human Identity Security show why visibility gaps matter. The same pattern appears in AI operations: if telemetry is weak, the organisation learns about the problem only after usage spikes, cost overruns, or policy exceptions have already spread. Security teams should align showback with the visibility and accountability objectives described in NIST Cybersecurity Framework 2.0. In practice, many security teams encounter misuse only after a shared service has already accumulated weeks of unreviewed model spend.
How It Works in Practice
Production showback works best when every model request carries a durable identity that can be tied back to a service, application owner, or workflow. Security teams should instrument the application layer and the model gateway so each call captures identity, environment, timestamp, model name, token counts, retry volume, and unit pricing. That data then feeds a central reporting pipeline where usage is aggregated by cost centre, product team, or agent type.
Current guidance suggests three implementation steps:
- Attribute requests at the source, not just at the billing layer, so shared infrastructure does not erase ownership.
- Normalize token and pricing data in near real time so teams see the same numbers the platform sees.
- Review variance between expected and actual consumption to identify prompt churn, inefficient retrieval, or emergent agent behaviour.
For organisations building stronger NHI governance, the same operational logic applies to AI identities. The Ultimate Guide to NHIs - The NHI Market is useful context because AI workloads increasingly resemble other machine identities that need traceability, ownership, and lifecycle controls. For usage telemetry and control mapping, teams can also align reporting with NIST Cybersecurity Framework 2.0 and its emphasis on governance and continuous monitoring.
Showback should remain read-only at first. The goal is to shape behaviour through visibility, not to punish teams before the data is trusted. Once the numbers are stable, organisations can introduce thresholds, approvals, or budget alerts. These controls tend to break down when model access is routed through multiple proxies and shared service accounts because the original caller identity is lost before the usage event is recorded.
Common Variations and Edge Cases
Tighter attribution often increases integration overhead, requiring organisations to balance accountability against deployment speed. That tradeoff matters most in environments with multiple model providers, shared agent platforms, or legacy services that do not pass identity context cleanly.
There is no universal standard for showback labels yet, so best practice is evolving. Some teams map costs to product squads, while others map them to environments, workloads, or business capabilities. The right choice depends on who can actually act on the data. If ownership is too broad, showback becomes a report no one can use. If it is too narrow, teams spend more time reconciling charge lines than improving behaviour.
Security teams should also watch for edge cases where model usage is embedded inside orchestration tools, internal copilots, or multi-agent pipelines. In those environments, a single user action may trigger several downstream model calls, making raw token totals hard to interpret without workflow context. A practical approach is to keep a request identifier that links all child calls back to the initiating workflow. The broader risk picture reflected in The State of Non-Human Identity Security is relevant here: when visibility is incomplete, control decisions degrade quickly. Showback is most reliable when data is sourced from a controlled gateway rather than direct provider logs, because direct logs often miss internal routing and identity handoff boundaries.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
NIST CSF 2.0, NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| NIST CSF 2.0 | GV.OC-02 | Showback needs clear ownership and service context for every AI workload. |
| NIST CSF 2.0 | DE.CM-01 | Real-time token and cost telemetry is a continuous monitoring requirement. |
| NIST AI RMF | Showback supports AI governance by improving transparency and accountability. |
Use AI RMF governance practices to document ownership, telemetry, and review of production model spend.
Related resources from NHI Mgmt Group
- How should security teams govern machine identity credentials in agentic AI environments?
- How should security teams limit the risk from AI agents that have access to production systems?
- How should security teams manage permissions for AI agents?
- How should security teams govern AI agents that use OAuth access?
Deepen Your Knowledge
Reviewed and updated by the NHIMG editorial team on June 23, 2026.
NHI Mgmt Group — the #1 independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org
