AI System Registry

What this means in practice

Some regulations, including the EU AI Act, require organizations to maintain such registries and make certain information publicly available for high-risk systems. Beyond compliance, the registry serves as a governance foundation that prevents shadow AI proliferation, enables portfolio-level risk assessment, and supports audit and assurance activities. In COMPEL, the AI System Registry is established during the Calibrate stage as part of the technology landscape assessment and maintained as a living governance artifact throughout the transformation lifecycle.

Why it matters

Shadow AI — ungoverned AI systems deployed without organizational awareness — is a growing risk as AI tools become more accessible. An AI System Registry prevents shadow AI proliferation by creating a single source of truth for all AI systems in use, under development, or being evaluated. Regulatory frameworks like the EU AI Act increasingly require organizations to maintain such registries, making this both a governance necessity and a compliance requirement.

How COMPEL uses it

The AI System Registry is established during the Calibrate stage as part of the technology landscape assessment and maintained as a living governance artifact throughout the COMPEL lifecycle. During Model, registry requirements are formalized including required metadata fields and review schedules. The Produce stage populates the registry with all deployed systems, and the Evaluate stage uses registry data for portfolio-level risk assessment and compliance auditing.

Related Terms

Other glossary terms mentioned in this entry's definition and context.

• Artifact
• Assurance
• Calibrate Stage
• Classification
• COMPEL Lifecycle
• EU AI Act
• Evaluate Stage
• Metadata
• Model Registry
• Produce Stage
• Shadow AI