ArwicAI Use Disclosure | Arwic

AI Use Records

Independent documentation of how AI is actually used inside your organization.

AI is already embedded in everyday work—drafting, summarization, analysis, decision support. What most organizations lack is a clear, defensible record of how that AI use occurred, who oversaw it, and what was considered at the time.

That gap becomes a problem only later—when questions are asked.

AI Use Records exist to close that gap.

Through years of working with organizations to define AI-based workflows, Arwic discovered that companies consistently faced the same challenge: they knew AI was being used, but they couldn't clearly document how, by whom, or under what oversight. AI Use Records emerged directly from that observed need.

Why AI Use Records Matter

When AI usage is questioned—by leadership, auditors, clients, insurers, or regulators—the issue is rarely whether AI was used.

The issue is:

  • Can you clearly explain how it was used?
  • Can you show who was responsible?
  • Can you demonstrate that risks were considered proportionally?
  • Can you show what was true at that point in time, before hindsight sets in?

Most organizations cannot answer those questions cleanly because AI usage:

  • spreads informally,
  • evolves faster than policy,
  • and leaves no consolidated record.

An AI Use Record provides that record.

What an AI Use Record Is

An AI Use Record is a concise, timestamped document that captures:

  • What AI tools are being used
  • Where and how they are used in day-to-day work
  • Whether use is assistive or decision-supporting
  • What human oversight exists
  • What risk categories were considered
  • What governance or guidance was in place at the time

It is designed to be:

  • factual
  • proportional
  • easy to understand
  • defensible after the fact

It documents reality.
It does not certify compliance or approve systems.

What This Is Not

AI Use Records:

  • do not certify compliance with laws or standards
  • do not provide legal advice
  • do not audit or enforce controls
  • do not require new tooling or platforms
  • do not disrupt normal operations

They are independent documentation artifacts, created to stand on their own.

How the Process Works

The process is intentionally simple, fast, and low-cost.

1. Scoped Setup

We define:

  • the organizational scope
  • the time period covered
  • the teams included
  • any exclusions

This keeps the record bounded and defensible.

2. Short Employee Interviews

We conduct remote interviews with employees who use AI as part of their work.

  • Approximately 5 minutes per employee
  • A small set of pointed, non-technical questions
  • Focused on actual usage, not theory
  • No preparation required from employees

3. Process & Policy Review

We review:

  • existing policies or guidance
  • relevant workflows
  • approval or oversight practices
  • any AI-related internal documentation already in place

This is a light review, not a redesign.

4. Record Compilation

From the collected data, we generate a single AI Use Record that includes:

  • a usage inventory
  • use classification
  • risk acknowledgment
  • oversight snapshot
  • provenance statements
  • timestamped attestation

The record reflects what was true at the time it was created.

5. Delivery

You receive a self-contained document suitable for:

  • internal records
  • audit preparation
  • leadership review
  • future inquiries

You retain full ownership of the record.

Ongoing Updates

AI usage changes. Teams evolve. Tools shift.

For most organizations, we recommend quarterly AI Use Record updates to:

  • reflect new tools or use cases
  • capture changes before issues arise
  • maintain continuity over time

Updates follow the same lightweight process and are faster than the initial record.

Who This Is For

AI Use Records are designed for organizations that:

  • use AI in knowledge work or internal operations
  • want clarity without over-engineering governance
  • do not need full enterprise AI governance platforms
  • want a defensible explanation, not a compliance program

If your organization operates regulated, high-risk automated decision systems, you may require a full governance framework instead.

How We Reference Standards

AI Use Records are informed by commonly referenced AI risk and governance concepts, but they do not claim compliance with any specific regulation or standard.

This keeps the record:

  • accurate to its purpose
  • flexible as expectations evolve
  • defensible without over-commitment

The Value, Plainly Stated

An AI Use Record answers one critical question:

"If we are asked later, can we clearly show what we were doing, what we considered, and who was responsible—at the time it mattered?"

That is what this service provides.

Contact / Next Steps

If you want to understand whether an AI Use Record makes sense for your organization, we start with a short scoping conversation.

No long-term commitments.

No platforms to adopt.

No disruption to daily work.

Just clarity, on file.