AI Bill of Materials (AI-BOM)
An AI Bill of Materials is a machine-readable inventory of the components an AI system depends on at runtime: the foundation model and its version, the fine-tuning datasets, the prompt templates, the retrieval sources, the tools the agent can call, and the policy configuration the request layer applies. The AI-BOM extends into the AI context the software-supply-chain practice that NTIA defined and CISA now stewards as the SBOM (Software Bill of Materials). NIST's AI RMF calls for mechanisms to inventory AI systems under GOVERN 1.6 and for mapping the risks of third-party components, including third-party data and software, under MAP 4; the EU AI Act's technical documentation requirement for high-risk systems (Article 11, with the contents listed in Annex IV) expects an equivalent artifact.
How the AI-BOM differs from a traditional SBOM
A traditional SBOM lists code libraries and their versions. The AI-BOM adds three categories the SBOM has no slot for: the model (a base model identifier, a model version, a fine-tuning checkpoint hash), the data (training data sources, retrieval index identifiers, evaluation datasets), and the runtime configuration (the system prompt, the tool schema, the policy rule set the gateway applies). The AI-BOM must be regenerated whenever any of those components changes, which keeps the artifact aligned with the running system. The practical caveat is that the runtime category drifts far more often than the model category: a system prompt or policy edit that does not trigger regeneration leaves a BOM that describes a configuration no longer in production, and that BOM is worse than none when it is offered as audit evidence.
Why the AI-BOM is the inventory layer audit depends on
A regulator who asks "what model handled this request and which policy version applied?" needs to read the per-decision audit record against the AI-BOM snapshot that was current at the moment of the decision. The audit record carries the model identifier and the policy version hash. The AI-BOM carries the human-readable description of what those identifiers refer to, who approved the configuration, and which third-party components were active. The two artifacts together produce the reproducible inventory the audit rea
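The three-category inventory described above and the audit-record lookup against the snapshot current at decision time, as an added example that is not code from the original page or from any named product or standard. The BOM layout, the `bom_format` tag, the component names and the sample model, dataset, prompt, tool schema and policy values are all constructed for illustration; the only real-world commitment is the pattern itself: content-hash each runtime component, derive the snapshot identifier from the components, and refuse to resolve an audit record whose model identifier or policy hash is absent from the snapshot that covered the decision.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample components for one assistant deployment (not a real system).
MODEL_V1 = {"id": "example-llm", "version": "2024-05", "checkpoint": "sha256:0f3a...demo"}
DATA_V1 = [{"kind": "fine-tuning", "name": "support-tickets-2023", "hash": "sha256:11aa...demo"},
           {"kind": "retrieval-index", "name": "kb-index", "version": "42"}]
SYSTEM_PROMPT_V1 = "You are a support assistant. Never reveal internal ticket IDs."
TOOL_SCHEMA_V1 = {"tools": [{"name": "lookup_order", "params": ["order_id"]}]}
POLICY_V1 = {"rules": [{"id": "deny-pii-egress", "action": "block"}]}
POLICY_V2 = {"rules": [{"id": "deny-pii-egress", "action": "block"},
                       {"id": "allow-refund-tool", "action": "allow"}]}


def content_hash(obj) -> str:
    """sha256 over canonical JSON, so key order and whitespace do not change the hash."""
    canonical = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return "sha256:" + hashlib.sha256(canonical).hexdigest()


def runtime_hashes(system_prompt, tool_schema, policy_ruleset) -> dict:
    """The runtime-configuration slot of the BOM: content hashes, not the text itself."""
    return {
        "system_prompt": content_hash(system_prompt),
        "tool_schema": content_hash(tool_schema),
        "policy_ruleset": content_hash(policy_ruleset),
    }


def build_ai_bom(model, data, runtime, approved_by, valid_from: datetime) -> dict:
    """One AI-BOM snapshot. snapshot_id is derived from the components, so any change
    to model, data or runtime configuration yields a new snapshot identifier."""
    components = {"model": model, "data": data, "runtime": runtime}
    return {
        "bom_format": "ai-bom-example/0.1",  # hypothetical format tag, not a standard
        "snapshot_id": content_hash(components),
        "valid_from": valid_from.isoformat(),
        "approved_by": approved_by,
        "components": components,
    }


def drifted_components(bom, live_runtime) -> list:
    """Names of runtime components whose live hash differs from the BOM. Non-empty means
    the BOM is stale and must be regenerated before it is used as audit evidence."""
    recorded = bom["components"]["runtime"]
    return sorted(name for name, h in recorded.items() if live_runtime.get(name) != h)


def snapshot_current_at(snapshots, when: datetime):
    """The snapshot whose valid_from is the latest one not after `when`, or None."""
    eligible = [s for s in snapshots if datetime.fromisoformat(s["valid_from"]) <= when]
    if not eligible:
        return None
    return max(eligible, key=lambda s: datetime.fromisoformat(s["valid_from"]))


def resolve_audit_record(record, snapshots) -> dict:
    """Read a per-decision audit record (model id + policy hash) against the snapshot that
    was current at decision time. A mismatch means a component changed without the BOM
    being regenerated, which is the gap an auditor will find."""
    snap = snapshot_current_at(snapshots, datetime.fromisoformat(record["timestamp"]))
    if snap is None:
        return {"resolved": False, "reason": "no AI-BOM snapshot covers this decision"}
    model = snap["components"]["model"]
    expected_model = f"{model['id']}@{model['version']}"
    problems = []
    if record["model_id"] != expected_model:
        problems.append(f"model {record['model_id']} not in snapshot (expected {expected_model})")
    if record["policy_hash"] != snap["components"]["runtime"]["policy_ruleset"]:
        problems.append("policy hash not in snapshot")
    if problems:
        return {"resolved": False, "snapshot_id": snap["snapshot_id"], "reason": "; ".join(problems)}
    return {
        "resolved": True,
        "snapshot_id": snap["snapshot_id"],
        "model": model,
        "approved_by": snap["approved_by"],
        "third_party": [d["name"] for d in snap["components"]["data"]],
    }


def demo() -> dict:
    t1 = datetime(2024, 6, 1, tzinfo=timezone.utc)
    t2 = datetime(2024, 6, 15, tzinfo=timezone.utc)
    runtime_v1 = runtime_hashes(SYSTEM_PROMPT_V1, TOOL_SCHEMA_V1, POLICY_V1)
    runtime_v2 = runtime_hashes(SYSTEM_PROMPT_V1, TOOL_SCHEMA_V1, POLICY_V2)
    bom_v1 = build_ai_bom(MODEL_V1, DATA_V1, runtime_v1, "ml-platform-lead", t1)
    bom_v2 = build_ai_bom(MODEL_V1, DATA_V1, runtime_v2, "ml-platform-lead", t2)
    # The policy is edited on June 10 but the BOM is only regenerated on June 15: drift.
    drift = drifted_components(bom_v1, runtime_v2)
    # A decision on June 12 ran under POLICY_V2; only bom_v1 covers that time, so the
    # record cannot be resolved. That is the inventory gap an audit will surface.
    record = {"timestamp": "2024-06-12T09:30:00+00:00", "model_id": "example-llm@2024-05",
              "policy_hash": content_hash(POLICY_V2)}
    return {"drift": drift, "bom_v1": bom_v1, "bom_v2": bom_v2,
            "resolution": resolve_audit_record(record, [bom_v1, bom_v2])}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The design choice worth noting is that the BOM stores hashes of the system prompt, tool schema and policy rule set rather than the text, so the same artifact can be handed to an auditor without disclosing the prompt, while the audit record's `policy_hash` still binds each decision to an exact rule set. `drifted_components` is the check to run on every deploy; if it returns anything, regenerate the BOM before the next request is served.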
Related reading
- AI Model Governance: Controls That Operate on the Request Path
AI model governance fails when it sits at the model registry layer alone. Model cards and versioning catalog the asset. Per-request enforcement governs how the model is actually used. Article walks through the runtime layer most model governance programs leave out.
- AI Data Governance: Classifying What Enters and Leaves the Prompt
AI data governance fails when the classification engine runs on documents and not on prompts. The data lake is sorted, the AI request path is not. Article walks through the prompt-level classification, lineage, and disclosure architecture that satisfies the regulators asking new questions about model inputs.
- AI Governance Software: What to Look For Beyond the Policy Builder
AI governance software splits into policy-building, inventory, and runtime enforcement. Most products in the category cover policy and inventory and leave runtime evidence to whatever the engineering team builds. Article walks through the architectural layers and what to ask vendors before signing.