You cannot govern what you have not identified. This principle, obvious when stated, is routinely violated by organizations attempting AI governance. They create policies, establish committees, and build frameworks while lacking comprehensive understanding of where AI actually operates within their enterprise. Their governance applies to systems they happen to know about while missing systems proliferating without awareness. The result is governance that covers some fraction of actual deployment while the remainder operates ungoverned.
The AI Role Inventory is the foundational governance requirement: comprehensive identification of every AI system functioning as a role within the organization. As established in earlier posts, the governance professional must build this inventory as prerequisite to everything else. Without it, accountability architecture assigns responsibility for unknown systems. Policy frameworks establish requirements that apply to systems no one has identified. The inventory is not a nice-to-have documentation exercise. It is the foundation without which governance has no subject matter.
Roles, Not Assets
Most organizations have AI asset inventories in some form. IT tracks software licenses. Procurement tracks vendor relationships. Data science catalogs models. These inventories answer: what AI does the organization own? This is not what governance requires. Governance requires knowing where AI occupies roles requiring human moral judgment, regardless of whether the organization owns the AI, licenses it, or accesses it through embedded platform features.
The tool versus role distinction determines what governance requires. When humans initiate and AI responds, AI functions as a tool receiving traditional technology governance. When AI initiates action affecting stakeholders, AI occupies a role. An AI system contacting customers proactively occupies a customer service role. An AI system screening applications before human review occupies a screening role. An AI system monitoring transactions and flagging suspicious activity occupies a compliance role. These role occupations create the Vacancy Problem: positions requiring human judgment filled by systems incapable of judgment. The Role Inventory must identify every such instance.
Classification by First Mover Authority
The Role Inventory must classify each system by First Mover Authority level. Level 1 systems where humans initiate receive baseline governance. Level 2 systems where AI initiates within designed parameters require structural accountability. Level 3 systems where AI orchestrates other AI require governance addressing cascading effects and the Daisy Chain Principle. Level 4 systems where AI self-modifies require the most comprehensive governance including modification boundaries and continuous monitoring.
Classification determines governance requirements. Treating all deployments identically either over-governs Level 1 tools or under-governs Level 4 systems. A chatbot at Level 2 requires different governance than a trading system at Level 4. Classification is not always obvious from documentation. Vendors may understate authority levels. Systems may acquire higher-level capabilities through updates. The inventory must reflect operational reality, requiring ongoing verification that classifications remain accurate.
Mapping Affected Populations
The Role Inventory must map each system to the human populations it affects. AI governance addresses how humans exercise moral agency toward other humans. The “other humans” matter: who experiences the effects, who bears consequences, who faces the vacancy when AI occupies roles that would otherwise involve human judgment. Governance requirements and oversight intensity depend significantly on who is affected.
Mapping requires thinking beyond direct users. A hiring AI directly affects candidates and indirectly affects the organization through screened candidate quality. A credit AI directly affects applicants and indirectly affects communities through credit availability patterns. The inventory should capture both direct and indirect effects, recognizing that governance attention may be warranted for populations the organization does not primarily consider stakeholders. Mapping should also identify vulnerable populations whose interests warrant heightened attention.
Connecting to Accountability
The Role Inventory must connect each system to accountability structures governing it. As the subsequent post will examine, accountability architecture assigns specific humans to specific responsibilities. The inventory should capture these assignments: who designed this system into its role, who operates it daily, who maintains override authority, who is accountable to affected stakeholders. This connection enables governance to verify that all identified systems have corresponding accountability and to identify systems where assignments are missing or nominal.
Accountability connection also reveals concentration where too many systems depend on the same individuals. An organization may assign one person accountable for dozens of systems, creating theoretical accountability without practical oversight capability. The inventory mapping systems to accountable individuals reveals concentration undermining effectiveness.
Building the Inventory: Discovery Challenges
Building a comprehensive inventory requires discovery methods finding AI in unexpected places. AI proliferates through organizations in ways that centralized visibility does not capture. Business units acquire AI through SaaS platforms marketed as business tools. Embedded AI appears in software updates without explicit deployment decisions. Shadow IT introduces AI as teams solve immediate problems without governance review. The challenge is not cataloging what central IT deployed but finding AI wherever it operates.
Discovery must think functionally rather than terminologically. People may not recognize their systems as AI. When asked whether they use AI, they say no. When asked whether they use systems generating content, making predictions, automating decisions, or initiating actions, they describe AI capabilities. Discovery must probe functional capability. The questions are: Does this system initiate action without human triggering? Does it affect how stakeholders experience the organization? Does it make or influence decisions otherwise requiring human judgment?
Discovery is not one-time. AI deployment is continuous. New systems appear monthly. Existing systems acquire capabilities. The inventory requires ongoing discovery: periodic surveys, procurement flags identifying AI acquisition, automated scanning for AI-associated features, integration monitoring detecting when systems begin exhibiting autonomous behavior. The inventory comprehensive six months ago may now miss significant portions of actual deployment.
What Discovery Reveals
Organizations conducting comprehensive discovery consistently find more AI in role capacity than leadership believed. The customer service platform that no one considered AI turns out to route contacts, generate responses, and make escalation decisions autonomously. The HR system screens applications, flags performance issues, and recommends compensation adjustments. AI has proliferated in ways organizational awareness has not tracked.
Discovery also reveals accountability gaps. Many AI systems in role capacity have no clearly assigned accountability. No one designed them consciously into roles; they acquired role functions through feature expansion. No one operates them with governance awareness. No one maintains override authority. The gap between what exists and what has assigned accountability represents governance debt: deployments operating without the structural accountability ethical AI requires.
The Role Inventory reveals what governance must address. Without it, governance applies to whatever AI happens to be visible while the majority operates below awareness. With it, governance can systematically extend accountability to every AI in role capacity, allocate oversight based on risk, and verify frameworks cover what requires governance. The governance professional who builds a comprehensive Role Inventory creates the foundation on which all other governance structures rest. The professional who skips this step builds frameworks governing the visible fraction while the rest operates as though governance did not exist.
