G7 AI-SBOM Standard

AI-SBOM Scanner

Upload your AI Bill of Materials and get an instant G7 7-cluster completeness score. Identify documentation gaps, regulatory exposure, and remediation priorities.

Free AI Risk Intelligence

Get weekly AI supply chain risk updates

Stay ahead of AI transparency regulations. We'll send you G7 SBOM updates, sector risk changes, and actionable remediation guides.

Share this tool

Help colleagues assess their cyber risk

LinkedIn X / Twitter Email

About This Tool

The AI-SBOM Scanner evaluates your AI supply chain documentation against the G7 AI-SBOM Minimum Elements standard (published May 2026). It scores your SBOM across 7 critical clusters: metadata, system-level properties, AI models, datasets, infrastructure, security properties, and KPIs.

Supported formats: G7 7-Cluster JSON (recommended), SPDX JSON, and CycloneDX JSON. Each format is automatically detected and normalized to the G7 model.

Sector-weighted scoring: Select your industry (healthcare, finance, critical infrastructure) to apply sector-specific weightings. Healthcare weights datasets higher; finance weights models higher; critical infrastructure weights security higher.

Three personas: CISOs see a gap Kanban with remediation priorities. CEOs see a single risk score KPI. Underwriters see regulatory exposure (NIS2/DORA) mapped to each gap.

Important: Scores reflect documentation completeness, not security posture. A high score means good transparency — not necessarily low risk. Use results to identify where AI vendor documentation is missing or inadequate.

G7 Standard Scoring

7-cluster model from the G7 AI-SBOM minimum elements framework.

Sector Weighting

Healthcare, finance, and critical infrastructure weighted risk scores.

NIS2/DORA Mapping

Each gap mapped to NIS2 and DORA regulatory articles.

Who Uses This Scanner

  • CISOs evaluating AI vendor transparency and documentation completeness
  • CEOs tracking AI supply chain risk as a board-level KPI
  • Underwriters scoring AI vendor risk for insurance pricing decisions
  • Risk managers ensuring NIS2/DORA compliance for AI systems