Episode 22 — Inventory AI assets: models, prompts, data, and key dependencies (Task 13)
This episode teaches Task 13 by explaining how to inventory AI assets in a way that supports governance, risk decisions, and exam-ready control evidence, because AAISM treats “you can’t secure what you don’t know you have” as a foundational truth. You’ll define what counts as an AI asset beyond the model itself, including prompts and prompt templates, embeddings and vector stores, training and evaluation datasets, inference endpoints, pipelines, access paths, and third-party dependencies like hosted APIs and SaaS connectors. We’ll use an enterprise assistant scenario to map data flows and identify hidden dependencies that become exam-relevant risk points, such as external logging, plugin permissions, and shadow usage by teams outside the original rollout. You’ll also learn how asset inventory ties directly to access control, monitoring scope, incident response readiness, and compliance reporting, so inventory is treated as an operational control, not a spreadsheet. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.
