AI Inventory for EU AI Act Compliance
Your AI inventory is the foundation of compliance. Learn what to capture, how to maintain it, and the mistakes that trip up most organizations.
Why Your AI Inventory Matters
Single Source of Truth
You can't classify, control, or evidence compliance for systems you don't know about.
Risk Visibility
See which systems are high-risk, which need transparency notices, and where gaps exist.
Audit Evidence
When regulators or customers ask, your inventory is the first thing they'll want to see.
Essential Fields to Capture
A compliant AI inventory needs these data points for each system.
How to Build Your Inventory
Identify all AI systems
Audit your software stack for any system that infers outputs from inputs—chatbots, ML models, recommendation engines, automated decision-making tools.
Gather system information
For each system, document the vendor, purpose, affected groups, deployment regions, and data types processed.
Assign ownership
Designate a business owner for each system who is accountable for compliance decisions.
Classify risk levels
Use the Annex III criteria to determine if each system is minimal, limited, or high-risk.
Document controls
Record human oversight models, logging capabilities, and operational procedures.
Establish review cadence
Set triggers for quarterly reviews, model updates, and vendor changes to keep the inventory current.
Common Mistakes to Avoid
Only listing 'obvious' AI
Chatbots, recommendation engines, automated screening tools are all AI. Audit your entire software stack.
Using spreadsheets without audit trails
Excel doesn't capture who changed what and when—critical for compliance evidence.
Set-and-forget mentality
AI systems evolve. Your inventory needs regular review triggers for model updates, new use cases, and vendor changes.
No ownership assignment
Every system needs a named business owner. 'IT' or 'The team' isn't good enough.
Related Resources
Inventory Template
Downloadable spreadsheet with all required fields.
Download TemplateDefinition Checker
Not sure if it's an AI system? Use our checker.
Check NowInventory Software
Automated inventory with audit trails and exports.
Learn MoreFrequently Asked Questions
What is an AI system inventory under the EU AI Act?
An AI system inventory is a documented register of all AI systems your organization uses or deploys. It captures essential information like system purpose, risk classification, ownership, and compliance status—forming the foundation of EU AI Act compliance.
Why is an AI inventory the first step in compliance?
You can't classify, control, or evidence compliance for systems you don't know about. The inventory is your single source of truth that enables all other compliance activities—from prohibited practice screening to high-risk deployer obligations.
What fields should an AI inventory capture?
At minimum: system name, owner, vendor, purpose, affected groups, deployment regions, risk classification, and human oversight model. Additional fields like data types, logging, and transparency requirements help with Article 26 and 50 obligations.
How often should we update the AI inventory?
Review quarterly at minimum. Additionally, update immediately when there are model changes, new use cases, vendor updates, or material changes that could affect risk classification.
Can we use a spreadsheet for our AI inventory?
While spreadsheets work initially, they lack audit trails, automated classification, and evidence linking. Purpose-built tools like Klarvo provide these features essential for demonstrating compliance to auditors.
Ready to Build Your AI Inventory?
Klarvo automates inventory management with guided intake, classification, and audit-ready exports.