AI Governance: We Ran the Discovery Audit. Here's What We Found.
Part one established that AI governance is a discovery problem. This is what discovery looks like when you run it. 260+ contracts, four capability tiers, and a finding that most enterprises are not prepared for.

When a Fortune 500 enterprise asked Teem to audit its software catalog for AI capabilities, we tagged 260+ contracts across four tiers. The finding was not what they expected.
Most contracts did not fall into the foundation model category. And on AI-native platforms, the governance discussion is already underway. The majority fell into AI Enhanced: tools that entered the stack as something else and became AI tools mid-contract, without anyone flagging it.
Most of those tools are renewing this year. Without the audit, the enterprise software renewal process would have covered seat counts, pricing, and contract terms, and nothing else. No one would have asked what AI capabilities the vendor shipped since the last signature. Nobody would have built a trigger to surface that question. And once the contract was signed, the window to ask it would have closed for another cycle.
The audit changes that. With a classified catalog in hand, the renewal conversation shifts. You know which tools are AI-enhanced before the renewal lands on the table. You know which security reviews are stale. You know where the leverage window is still open. This post explains what that looks like in practice: the classification system, what the data revealed, and how to use it before the next signature.
Four tiers, one finding
The audit categorized all contracts into four capability tiers. The tiers are not a risk score. They are a map of how AI arrived in the stack, and whether it arrived before or after anyone evaluated it.
- AI Foundation covers core AI infrastructure. Claude 3, ChatGPT Enterprise, Oracle Cloud Infrastructure. A small number of contracts. Every enterprise with these in its stack knows it has AI. These are rarely a surprise, and not the problem.
- AI Compatible covers infrastructure that can integrate with AI, but does not inherently include it. VMware Workstation, Sendgrid. Lowest immediate risk, still worth knowing.
- AI Native covers tools where AI is the core product. CrowdStrike Falcon, Salesforce Agentforce, Gong, SailPoint Identity Security Cloud, Coveo. These exist because of AI. Procurement teams are increasingly aware of them. Security reviews are catching up.
- AI Enhanced is where the audit finding concentrates. These are tools that entered the stack as something else: an HR platform, an identity provider, a communications suite, an observability tool. All of them have shipped AI capabilities since the contract was signed. This is the majority of the 260+ contracts: Workday, Okta, ServiceNow, Cisco Webex, Datadog, Stripe, Dropbox, LinkedIn Recruiter. Nobody bought these as AI tools. They became AI tools mid-contract, without triggering a new evaluation. This is the tier most AI governance frameworks were not designed to catch, because those frameworks presuppose you already know which tools have AI.
Tier summary, as shown on the audit's tier cards:
- AI Foundation: core AI infrastructure. Everyone knows these have AI. They are rarely the discovery problem.
- AI Compatible: can work with AI but does not inherently include it. Lowest immediate governance risk.
- AI Native: AI is the product. These tools exist because of AI. Security reviews are catching up.
- AI Enhanced: became AI mid-contract. The majority of the 260+ contracts audited. Approved as something else. Never re-evaluated.
260+ contracts audited
These are the contracts from the audit, tagged by tier, filterable by category. The data pattern is consistent: Foundation and Native tools are the visible minorities. Enhanced is the majority. Most of what an enterprise contracts for was approved before its AI capabilities existed.
[Interactive audit catalog table, columns: #, Supplier, Product, AI tier, Verification. It previews 50 of the 260+ enterprise software contracts, classified by AI capability tier; the rows are not reproduced here. The full dataset spans 260+ contracts across four capability tiers.]
The moment leverage disappears
Software contracts renew on cycles. Most enterprise agreements run for 1 to 3 years, which means that at any given point a meaningful portion of an organization's software catalog is within 90 days of renewal. In the catalog referenced above, 104 AI-enhanced contracts are set to renew in 2026.
The enterprise software renewal conversation typically covers three things: seat counts, pricing, and contract terms. In most organizations, nobody in that conversation asks what the product does now versus what it did when they first signed. The evaluation conducted three years ago is still considered valid.
Since most enterprise software contracts were last evaluated, the majority of vendors in the stack have shipped AI capabilities. Features that did not exist at signature. Model layers that were not in scope during the original security review. Subprocessor agreements have been quietly updated to reflect new LLM dependencies.

The renewal is the last moment of leverage. Before signature, the enterprise has options: renegotiate data processing terms, require updated security documentation, demand disclosure of AI subprocessors, or walk away. After the signature, those options close for another cycle. The AI layer that was never evaluated is now baked into the renewed contract by default.
Most renewals happen without anyone asking the AI question. Not because procurement teams are careless, but because nobody built a trigger to surface it.
What AI Enhanced actually means for your data
AI-enhanced tools entered procurement as something specific: a payroll system, an identity provider, a recruiting platform. The security review that approved them evaluated the product as it existed at that moment. When the AI feature shipped, it was included in a product that already had access to sensitive data, without triggering a new evaluation.

Two examples from the audit data make this concrete.
- A Fortune 500 enterprise HR platform. The core management suite has deeply embedded AI and machine learning across its platform, including generative AI capabilities, a skills intelligence layer, and AI-assisted features across recruiting, time tracking, and performance management. The recruiting module now incorporates AI for resume screening, automated candidate matching, and chatbot-driven candidate engagement. These features process employee data through a model layer that was not in scope during the original vendor risk assessment. Same contract. Broader data processing scope. No re-evaluation required under most enterprise procurement frameworks.
- An enterprise identity provider. Adaptive multi-factor authentication now uses machine learning models to analyze authentication data and identify login anomalies. Single sign-on incorporates AI-driven risk analysis and threat blocking. The directory layer has been enhanced to manage and govern AI agents and non-human identities. Identity and access data, among the most sensitive categories in any enterprise stack, now flows through AI models that arrived after the contracts were signed.
The risk is not that these tools have AI. The risk is that the security reviews governing their use were written for different products. The tools changed. The evaluations did not.
Why most organizations cannot prepare
Running a pre-renewal AI capability assessment requires knowing two things: which contracts are renewing, and what AI capabilities each tool currently has. Most organizations cannot answer either question cleanly.
The first problem is catalog fragmentation. Most large enterprises do not have a single, current, accurate view of their contracted software. Procurement is decentralized. Business units buy independently. Mergers bring in untracked stacks. The 260+ contract audit referenced in this post was possible only because the catalog existed as a unified object: one customer, one maintained catalog, 260+ rows. Most enterprises start from a more fragmented position, and without a unified catalog the audit cannot be run and the renewal flag cannot even be built. The inventory problem precedes the governance problem.
The second problem is capability currency. Even organizations with a maintained catalog typically track what a tool was at the time of procurement, not what it is now. Vendor documentation updates. AI features ship quietly. Subprocessor agreements change without notification. The catalog entry for a tool approved three years ago reflects the product as it existed then, not as it exists at the moment of renewal.


Standard catalogs track what a tool was at the time of procurement, not what it is today. And without a unified catalog to begin with, the renewal trigger cannot be built. The inventory problem precedes the governance problem.
Both problems are solvable. Neither is solved by a spreadsheet.
What the renewal conversation should look like
Three questions need to be on the table before any renewal involving an AI-enhanced tool, not at the point of signature, but 90 days before it.
- What AI capabilities has this vendor shipped since the last evaluation? Not what is in the original security review. What does the product do now, with specific reference to any model layers, LLM integrations, or AI-driven features added post-contract?
- Has the subprocessor agreement changed? Most enterprise contracts require vendors to notify of material changes to subprocessors. Most procurement teams do not have a process for tracking those notifications or connecting them to renewal decisions.
- Has the original security review been updated to reflect the current product? If the answer is no, and for most AI-enhanced tools in most enterprise catalogs it is, the renewal is based on an outdated assessment.
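The renewal trigger described above, as an added illustration that is not Teem's code: given a unified catalog row with tier, renewal date, last security review date and the dates of AI capabilities and subprocessor changes, it raises the three questions only for AI Enhanced or AI Native tools inside the 90-day window. The `CatalogRow` fields, the question labels and the sample vendors are assumptions constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import List, Optional

WINDOW_DAYS = 90  # the pre-renewal window the post recommends

@dataclass
class CatalogRow:
    supplier: str
    product: str
    tier: str                          # "AI Foundation" | "AI Compatible" | "AI Native" | "AI Enhanced"
    renews_on: date
    last_security_review: date
    ai_features_shipped: List[date] = field(default_factory=list)  # ship dates of AI capabilities
    subprocessor_changed_on: Optional[date] = None                 # last notified subprocessor change

def questions_for(row: CatalogRow, today: date) -> List[str]:
    """Questions to raise before renewal; empty if outside the window or the tier carries no post-signature AI risk."""
    days_left = (row.renews_on - today).days
    if not 0 <= days_left <= WINDOW_DAYS:
        return []
    if row.tier not in ("AI Enhanced", "AI Native"):
        return []
    review = row.last_security_review
    qs = []
    if any(d > review for d in row.ai_features_shipped):
        qs.append("Q1: AI capabilities shipped since the last evaluation")
    if row.subprocessor_changed_on and row.subprocessor_changed_on > review:
        qs.append("Q2: subprocessor agreement changed since the last evaluation")
    if row.ai_features_shipped and all(d > review for d in row.ai_features_shipped):
        qs.append("Q3: security review predates every AI capability in the product")
    return qs

def triage(catalog: List[CatalogRow], today: date):
    """Rows needing attention, soonest renewal first: (supplier, product, days_left, questions)."""
    out = []
    for row in catalog:
        qs = questions_for(row, today)
        if qs:
            out.append((row.supplier, row.product, (row.renews_on - today).days, qs))
    return sorted(out, key=lambda r: r[2])

# Constructed sample catalog: placeholder vendors and dates, not rows from the audit.
SAMPLE = [
    CatalogRow("HR-Vendor-A", "People Suite", "AI Enhanced", date(2026, 3, 1), date(2023, 2, 15),
               [date(2024, 9, 1), date(2025, 6, 1)], date(2025, 5, 20)),   # reviewed before any AI shipped
    CatalogRow("IdP-Vendor-B", "Identity Cloud", "AI Enhanced", date(2026, 2, 10), date(2025, 7, 1),
               [date(2024, 11, 1)], date(2025, 10, 1)),                    # AI reviewed; subprocessors changed after
    CatalogRow("Infra-Vendor-C", "Hypervisor", "AI Compatible", date(2026, 1, 20), date(2023, 1, 1)),
]
```

Running `triage(SAMPLE, date(2026, 1, 5))` lists IdP-Vendor-B (36 days out, Q2 only) before HR-Vendor-A (55 days out, all three questions) and omits the AI Compatible row despite its imminent renewal.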

Teem surfaces this as part of catalog management.
The AI capability assessment for each tool is maintained as a current view, not a point-in-time snapshot, so the renewal conversation starts with what the product does today, rather than what it did when procurement last looked.
Learn more at www.teem.finance.
The contract you are about to renew is not the same product you approved. An audit tells you what changed. The renewal window is when that information still matters.
This is part two of Teem's AI governance series. Part one covered why discovery is the central problem in enterprise AI governance. Part three will address the catalog problem: why most enterprises cannot run this audit at all, and what a procurement intelligence layer actually looks like.