AI System Inventory by Risk Class
The AI Act audits systems, not API calls. Every AI system inventoried with its risk class.
Framework / standard: EU AI Act Art. 6 / Annex III · Art. 11 · ISO/IEC 42001 A.6
The EU AI Act does not audit individual model calls: it audits AI systems. Without a stable subject from which governance hangs, AI traceability becomes a collection of disconnected logs. That is why the AI system inventory is the foundational piece of AI governance.
Linedat models every AI system — internal (auto-descriptions, chat, semantic search) or external (declared by the tenant) — as a versioned entity with purpose, owner, domain, provider and model, its lifecycle status and its EU AI Act risk class.
AI Act risk class as a first-class axis
Each system carries its EU AI Act risk class (prohibited / high / limited / minimal) as a separate axis from technical risk. That distinction matters: a system may have low technical risk of hallucination and still be high regulatory risk based on its use context (Annex III). The inventory is what lets you answer "how many high-risk systems do we have and which ones lack a FRIA?" in seconds.
The anchor from which everything else hangs
FRIAs, AI incidents, risk assessments, providers, model cards and dataset cards are linked by foreign key to the AI system. Its lifecycle (development → pilot → production → suspended → retired) is governed with a state machine. This way, the technical documentation of Art. 11 stops being scattered prose and becomes a living dossier per system.
The limits (what we do not claim)
The risk class is assigned declaratively (determined by the responsible person, not an automated engine). Suspending a system is documented with its reason, but it does not apply an automatic technical block: it is governance evidence, not an inference firewall.
How Linedat helps
Linedat gives you the AI inventory that the ISO 42001 and AI Act auditor expects to find first. It is what your team does not have to build or maintain on its own to have a serious compliance conversation.
Related capabilities
The FRIA required by EU AI Act Art. 27, versioned and linked to the AI system — not a Word document sitting in a folder.
AI Incidents with the 15-Day ClockA serious incident starts the Art. 73 clock. We start it running and block closure until notification is on record.
Versioned Model Cards and Dataset CardsTransparency is not an attached PDF: it is a versioned card with status.
