Shadow AI Inventory Spreadsheet: Discover Unsanctioned AI Tools Without a CASB
Spreadsheet-first discovery, domain list, risk scoring, and AI-006 / AI-001 integration.
Shadow AI adoption often outpaces formal approval: engineering teams on Claude Code, marketing pasting customer data into ChatGPT, support using unapproved summarizers, finance uploading spreadsheets to AI analytics tools.
Traditional playbooks recommend CASB deployment, DLP, and domain blocking. For startups and mid-market organizations, that stack is not always practical on day one — yet governance teams still need a defensible answer to a common audit question: which AI tools are in use, and who approved them?
This guide documents a spreadsheet-first shadow AI discovery method: discovery tactics, an AI domain starter list, a risk-scoring register, and integration with AI-001 and AI-006 — without requiring enterprise-grade tooling to begin.
Operational guidance only. This guide supports shadow AI discovery planning. It is not legal advice. Discovery methods must comply with employment law, privacy notices, and local monitoring regulations. Engage counsel before employee device or communication monitoring.
Shadow AI inventory is a spreadsheet-based register of AI tools used for work without formal approval. In practice, it’s also described as an unsanctioned AI tools register, an employee AI usage audit, or an AI shadow IT spreadsheet.
What Counts as Shadow AI?
Classify as shadow AI when all four apply:
- Uses generative AI, ML, or AI-assisted decision support
- Used for work (even occasionally)
- Has not completed formal approval
- Not on the organization’s Approved AI Tools Register
| Usually shadow | Usually approved |
|---|---|
| Personal ChatGPT for work drafts | Enterprise ChatGPT with SSO |
| Personal Claude for code | Approved Claude Team deployment |
| Unreviewed Merlin/Harpa extension | Security-reviewed extension |
| Dept-paid AI without vendor review | Vendor-reviewed platform + DPA |
Include: LLMs, generative tools, and any tool that trains on user data by default. Borderline: Grammarly (if generative), Smart Compose on confidential docs, Notion AI, M365 Copilot. When in doubt, include it — under-inclusion is the bigger risk.
Quick Self-Assessment
- We can name every AI tool used for work
- We discover new AI tools as they emerge
- We classify tools by risk tier
- We have an AUP covering AI tools
- We can show auditors how we manage unsanctioned AI
Why Spreadsheet-First Beats “Wait for CASB”
| Approach | Time | Cost | Best for |
|---|---|---|---|
| CASB / SSE | 4–12 weeks | High ($50k+) | Enterprise security teams |
| Network DLP + proxy | 2–6 weeks | Medium | Mid-market with stack |
| Spreadsheet discovery | <1 day | $0 | Startups, scale-ups, pilots |
Augment — do not replace — the spreadsheet when the register exceeds 50 tools, critical findings repeat, or audit pressure increases. Lightweight SSO exports and DNS alerts typically precede full CASB investment.
Common shadow AI findings
- Personal ChatGPT for customer comms
- Claude / Claude Code for development
- Otter, Fireflies, Fathom on customer calls
- Notion AI, GrammarlyGO, Jasper in SaaS
- Browser extensions (Merlin, Harpa, Monica)
- Perplexity / You.com for research
- Midjourney / DALL·E for marketing
- Excel Copilot, Tableau AI on business data
Shadow AI risk tiering
| Tier | Criteria | Response |
|---|---|---|
| Critical | PII/PHI/customer data; training default; unknown policy | Escalate + block + policy update (24h) |
| High | Internal data retained; opt-out unconfirmed | Register + AUP + quarterly review |
| Medium | Public data; reputable vendor policy | Register + annual review |
| Low | Personal use; no work data | Optional entry + awareness |
Quick Start: First 5 Tools in 1 Hour
- SSO logs (15 min): 90-day export; filter for ai, OpenAI, Claude, Copilot
- Expenses (15 min): search for OpenAI, Anthropic, ChatGPT, Claude, Midjourney
- Slack/Teams (15 min): search ChatGPT, Claude, Copilot
- Poll (15 min): 3-question survey to eng + marketing
- Document: add rows to CSV below with risk tier
Discovery Tactics (No CASB)
1. SSO / identity logs
Filter Okta, Azure AD, or Google logins for AI domains. Note: Copilot may appear as GitHub; Notion AI as Notion — cross-check URLs.
2. Expense & procurement
Search: OpenAI, Anthropic, Cursor, Midjourney, Jasper, Otter, Fireflies, Notion, Grammarly.
3. DNS / firewall logs
Top domains vs approved list — see domain starter list below.
4. Browser history (small teams)
Managed Chrome/Firefox exports for repeated AI domain visits.
5. Surveys & interviews
Non-punitive: “What AI tools do you use for work?” — engineering, marketing, support, finance.
6. API key scanning
Pair with prompt firewall / secret detection in CI.
7. Extensions & MDM (optional)
Merlin, Harpa, Monica — endpoint or MDM reports.
AI Domain Discovery Starter List (50+)
Copy into DNS filters, log analysis, or manual review. Update quarterly — new AI tools launch weekly.
Shadow AI Register Schema
Core columns (aligns with AI-006):
| Column | Purpose |
|---|---|
| tool_id | e.g. SHADOW-AI-001 |
| tool_name | Claude Code (unapproved) |
| discovery_method | SSO, expense, survey, API scan |
| discovered_date | YYYY-MM-DD |
| primary_user | Team or individual |
| usage_scope | Individual / Team / Dept / Org |
| data_exposure_risk | PII, customer data, internal, public, unknown |
| vendor_data_policy | Training default, opt-out, no training, unknown |
| opt_out_confirmed | Yes / No / N/A |
| risk_tier | Critical / High / Medium / Low |
| remediation_status | Blocked, AUP pending, approved w/ conditions, monitoring |
| next_review_date | YYYY-MM-DD |
Extended: aup_reference, business_justification, approved_alternative, resolution_notes.
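The SSO-log tactic, the risk tier table and the register schema above carried through end to end, as an added example rather than tooling from this guide or the AI Governance Kit: it matches a constructed SSO export against a small domain-to-tool mapping (an assumption standing in for the full starter list), skips approved domains, derives a tier from the data_exposure_risk, vendor_data_policy and opt_out_confirmed columns (our reading of the tier table), and emits register rows with next_review_date set from the tier's response cadence. The sample log, the approved set and the per-tool classification are constructed.

```python
import csv
from datetime import date, timedelta

# Constructed domain-to-tool starter mapping (assumption; swap in the full starter list).
AI_DOMAINS = {"chat.openai.com": "ChatGPT", "api.openai.com": "OpenAI API",
              "claude.ai": "Claude", "otter.ai": "Otter"}
REVIEW_DAYS = {"Critical": 1, "High": 90, "Medium": 365, "Low": 365}  # per the tier table

def find_shadow_ai(log_csv, approved_domains):
    """Unapproved AI tool -> sorted users, from a timestamp,user,domain SSO/DNS export."""
    hits = {}
    for row in csv.DictReader(log_csv.splitlines()):
        domain = row["domain"].strip().lower()
        tool = AI_DOMAINS.get(domain)
        if tool and domain not in approved_domains:
            hits.setdefault(tool, set()).add(row["user"])
    return {tool: sorted(users) for tool, users in hits.items()}

def risk_tier(data_exposure, vendor_data_policy, opt_out_confirmed):
    """Tier from the three register columns; this reading of the tier table is an assumption."""
    if data_exposure == "none":                       # personal use, no work data
        return "Low"
    if data_exposure in {"pii", "phi", "customer", "unknown"} \
            or vendor_data_policy in {"training default", "unknown"}:
        return "Critical"                             # escalate + block within 24h
    if data_exposure == "internal" and not opt_out_confirmed:
        return "High"                                 # register + AUP + quarterly review
    return "Medium"                                   # public data, reputable vendor policy

def register_rows(findings, classification, discovered=date(2025, 1, 15)):
    """Rows in the register schema; classification[tool] holds the three risk_tier inputs."""
    rows = []
    for n, (tool, users) in enumerate(sorted(findings.items()), start=1):
        tier = risk_tier(*classification[tool])
        rows.append({"tool_id": f"SHADOW-AI-{n:03d}", "tool_name": f"{tool} (unapproved)",
                     "discovery_method": "SSO", "discovered_date": discovered.isoformat(),
                     "primary_user": ", ".join(users), "risk_tier": tier,
                     "usage_scope": "Team" if len(users) > 1 else "Individual",
                     "remediation_status": "Blocked" if tier == "Critical" else "AUP pending",
                     "next_review_date": (discovered + timedelta(days=REVIEW_DAYS[tier])).isoformat()})
    return rows
# Constructed SSO export (not real data); claude.ai is assumed to be the sanctioned deployment.
SAMPLE_LOG = """timestamp,user,domain
2025-01-14T09:02:00Z,alice@example.com,chat.openai.com
2025-01-14T09:10:00Z,bob@example.com,claude.ai
2025-01-14T11:30:00Z,alice@example.com,otter.ai
2025-01-14T12:00:00Z,carol@example.com,chat.openai.com"""
APPROVED = {"claude.ai"}
CLASSIFICATION = {"ChatGPT": ("customer", "training default", False),
                  "Otter": ("internal", "opt-out", False)}
```

Feed `register_rows(find_shadow_ai(SAMPLE_LOG, APPROVED), CLASSIFICATION)` to `csv.DictWriter` to append the rows to the register; the ChatGPT finding lands as Critical with a next-day review and Otter as High with a quarterly one.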
Copy-Paste CSV Template
Risk scoring formula
AI-006 + AI-001 Integration
Sample AI-001 language:
Run vendor due diligence with the 30-question AI vendor questionnaire. For governed inventory columns, see the ISO 42001 register walkthrough.
Kickoff email (enablement, not punishment)
Escalation triggers
- PII/PHI/customer data without approval
- Training default with no opt-out or unconfirmed opt-out
- No security documentation (SOC 2, privacy policy)
- Org-wide use without awareness
Program metrics (monthly)
| Metric | Why |
|---|---|
| Total discovered tools | Discovery effectiveness |
| Approved vs unapproved ratio | Enablement progress |
| Critical findings (sustained zero) | Risk control |
| Remediation SLA | <7d Critical, <30d High |
| AUP acknowledgment rate | Cultural adoption |
Limitations
Spreadsheet discovery will not reliably catch: BYOD without MDM, personal email accounts, local open-source models, encrypted destinations, or brand-new domains. Document these limitations in the organization’s risk assessment.
Shadow AI Discovery + Governance Toolkit
Spreadsheet register, AUP, and vendor intake from the AI Governance Kit.
- AI-006 — system register (sanctioned tools)
- AI-001 — acceptable use policy
- AI-016 — policy acknowledgments
- AI-011 — vendor intake for newly discovered tools
Related resources
- AI vendor security questionnaire
- Agent governance (coding assistants)
- EU AI Act Article 50 disclosures
- Prevent source code leaks to AI tools
FAQ
Implementation checklist
- Define shadow AI scope
- Pick 2–3 discovery tactics (SSO + survey recommended)
- Create register + risk formula
- Run 1-hour quick start sweep
- Classify and escalate Critical/High per SLA
- Update AI-001 with §3.2-style clauses
- Communicate kickoff email to affected teams
- Configure SSO block / DNS where feasible
- Quarterly re-discovery + metrics
- Retain evidence for audits
This spreadsheet method provides a practical baseline for shadow AI discovery when enterprise tooling is not yet in place. Pair the register with AI-001 policy language and AI-006 for sanctioned tools to demonstrate governance maturity to auditors and leadership.