SAIL

/

Code/ No Code - AI Asset Discovery

/

Discovery of Outdated or Orphaned AI Assets

2.7

.

Discovery of Outdated or Orphaned AI Assets

sail
2.7
Risk

Discovery of Outdated or Orphaned AI Assets

Description

Identifying AI models, datasets, or tools that are no longer actively maintained, supported, or have clear ownership, posing unmonitored security, compliance, or operational risks.

Example

A data science team built an experimental model two years ago; the team members have left, and the model is still running on an old server with unpatched vulnerabilities.

Assets Affected

Model files

Dataset / RAG

Notebook

AI platform

Mitigation
  • Establish clear ownership and lifecycle management for all AI assets from discovery
  • Implement processes for decommissioning or archiving orphaned assets
  • Regularly review asset inventory for outdated components
Standards Mapping
  • ISO 42001: A.6.2.6, A.3.2
  • NIST AI RMF: GOVERN 1.7, MANAGE 2.2