In This Article
- Executive Summary
- Why a Model Registry Matters Now
- The Model Registry Versus the Validated Systems Inventory
- A Practical Data Model for the Registry
- Sample Registry Entries
- Integrating With GxP Validation Records
- Version Control, Monitoring, and Decommission
- Governance: Ownership, RACI, and Access
- Build Versus Buy: Tool Landscape
- A 90-Day Implementation Roadmap
- Conclusion
- References & Sources
Executive Summary
Most mid-cap pharma and biotech companies can already list every GxP computer system in their validated inventory. Very few can produce, on demand, a comparable list of every AI model in use across research, clinical, manufacturing, and commercial functions. That gap is becoming untenable. Article 71 of the EU AI Act creates a public EU database of high-risk AI systems that must be operational by 2 August 2026, GAMP 5 Second Edition now treats AI/ML sub-systems as a distinct life-cycle inside computerized system validation, and the EMA reflection paper on AI in the medicinal product life cycle requires traceable documentation of every model that touches a regulated activity.123
An AI model registry is the operational answer. It is a single, queryable source of truth for every model in the organization: what it does, who owns it, what data it was trained on, what version is in production, how it is monitored, and what happens when it is retired. Done well, the registry becomes the connective tissue between the model risk assessment, the validation package, the change control record, and the post-market monitoring dashboard.
This article lays out what to track and why. It covers the core data model, sample entries, the interface with the validated systems inventory, GxP integration points, version and decommission handling, a governance and RACI model, the build-versus-buy landscape (MLflow, Weights & Biases, Neptune, Databricks Unity Catalog, and specialty registries), and a 90-day roadmap for a pharma organization standing this capability up for the first time.
Why a Model Registry Matters Now
Three converging pressures make the AI model registry an executive-level concern in 2026 rather than a niche MLOps concern.
First, regulatory registration is arriving. The EU AI Act establishes a public EU database of high-risk AI systems under Article 71, with providers and deployers required to submit registration data described in Annex VIII. The Commission has committed to having the database operational before the AI Act’s application date of 2 August 2026.1 A pharma company that cannot enumerate its own high-risk AI systems internally will not be able to complete this external registration accurately.
Second, guidance for regulated computerized systems has caught up. GAMP 5 Second Edition, published by ISPE in July 2022, added Appendix D11 to address AI and machine learning. The appendix treats dynamic ML sub-systems as a distinct life cycle inside the broader computerized system life cycle, with specific expectations around data acquisition, training and test datasets, and performance-metric acceptability.2 ISPE followed with a standalone GAMP Guide on Artificial Intelligence in mid-2025, extending those principles across concept, project, and operational phases, including model risk management and change control.4
Third, health authorities have staked out clear traceability expectations. The EMA’s reflection paper on the use of AI in the medicinal product life cycle, adopted in October 2024, tells applicants that they must ensure “robust models are applied, traceable documentation is established and maintained, and that secondary assessments of development practices are conducted.”3 The FDA, Health Canada, and MHRA jointly published ten Good Machine Learning Practice guiding principles and, for medical-device software, five guiding principles for predetermined change control plans.56 In every one of these frameworks the presumption is that the sponsor knows precisely which model is in use, on what version, trained on which data, and monitored against which metrics.
The organizations we see move first tend to share a specific trigger. Either an internal audit surfaced an AI model in a GxP workflow with no validation record attached, or a customer or partner asked for a model card during a due-diligence review and no one could produce one, or the legal team read Article 71 and asked which of the company’s models will need to be registered. Any of those moments creates the mandate. The registry is what turns the mandate into a durable operating capability.
The NIST AI Risk Management Framework, meanwhile, has become the reference architecture that most Quality and IT leaders are aligning to for internal governance. NIST defines an AI system inventory as “an organized database of artifacts relating to an AI system or model, which may include system documentation, incident response plans, data dictionaries, links to implementation software or source code, names and contact information for relevant AI actors, or other information that may be helpful for model or system maintenance and incident response purposes.”13 That definition maps almost directly to what a pharma model registry needs to do; the pharma extension is the addition of GxP-specific metadata and the tight coupling to the validated systems inventory and the EDMS.
The Model Registry Versus the Validated Systems Inventory
Before getting into fields and schemas, it helps to be precise about how the AI model registry differs from the validated systems inventory that GxP-regulated pharma companies have maintained for years.
The validated systems inventory is a list of computerized systems. An entry describes a system such as the LIMS, the MES, or the electronic quality management system, with attributes covering GxP classification, GAMP software category, business owner, system owner, validation status, last periodic review date, and the location of the validation dossier. The unit of tracking is the system.
The AI model registry tracks a different unit: the model. A model has a name, a version, a purpose, an intended use, training data, a specific set of performance metrics, and a lifecycle that includes retraining events. Many models live inside systems that already appear in the validated inventory. A signal-detection model that scores adverse events inside the safety database is one model. A demand-forecasting model that runs inside the commercial planning platform is another. A generative model that drafts sections of a clinical study report is a third. None of these are systems in the classic CSV sense. All of them are regulated artifacts that need to be tracked.
Unit: Computerized System
LIMS, MES, EDMS, safety database, ERP. GAMP category, GxP classification, business owner, validation status, periodic review cadence, dossier location.
Unit: AI or ML Model
Signal-detection scorer, forecast model, GenAI drafter, image classifier, protein-structure predictor. Intended use, training data, version, performance metrics, monitoring, retraining cadence, decommission plan.
The two inventories are related, and the registry should reference the system inventory. But they are not the same list, and treating them as one is a common early mistake. A single computerized system might host multiple models, each with its own lifecycle, and a single model might be deployed across multiple systems (an entity-extraction model that serves both regulatory and medical affairs). The registry needs the flexibility to represent both cases without forcing artificial one-to-one mappings.
SD perspective. Companies that try to graft AI model tracking onto the existing computerized-systems inventory (as extra columns in the same spreadsheet) tend to lose the model-level detail within twelve months. The disciplines are related but not identical. Build the registry as its own artifact with well-defined cross-links to the systems inventory, not as a bolt-on to it.
A Practical Data Model for the Registry
The right set of fields is the one your validation team, your legal team, and your model owners can all use without re-entering the same information three times. Google’s Model Cards paper established the pattern most organizations now build on: model details, intended use, factors, metrics, evaluation data, training data, quantitative analyses, ethical considerations, and caveats.7 The pharma-specific data model extends this with the fields regulators and auditors will ask about.
The table below is a starting point for a mid-cap pharma or biotech registry. It groups fields by section so that different roles (data science, validation, quality, legal) can own their sections without treading on each other.
| Section | Field | Notes / Example |
|---|---|---|
| Identity | Model ID | Immutable slug: ae-triage-nlp |
| Human name | “Adverse Event Triage NLP” | |
| Current version | Semantic version: 2.3.0 | |
| Registry status | Draft / Staging / Production / Archived | |
| GxP relevant? | Yes / No, with rationale link | |
| EU AI Act classification | Prohibited / High-risk / Limited risk / Minimal risk / Not in scope | |
| Intended Use | Purpose | What the model is supposed to do, in one paragraph |
| Primary users | Roles: e.g. PV case processors, Level 1 | |
| In-scope use cases | Bulleted list | |
| Out-of-scope use cases | Explicit list; the “not for” list | |
| Decision boundary | Advisory / Human-in-the-loop / Automated with review / Automated | |
| Training & Data | Training data sources | Named datasets with version and access controls |
| Data lineage link | Pointer to lineage tool (Unity Catalog, Collibra, etc.) | |
| Sensitive data classes | PHI, PII, commercial, none | |
| Data cutoff date | Training corpus end date | |
| Consent basis | For any personal data used in training | |
| Performance | Primary metric | Precision at recall 0.95, AUROC, etc. |
| Acceptability threshold | Value below which the model must not deploy | |
| Sub-group performance | Reference to bias analysis | |
| Latest evaluation date | Timestamp | |
| Known limitations | Free text | |
| Ownership | Model owner | Named role: e.g. Head of PV Data Science |
| Business sponsor | VP-level accountable executive | |
| Validation lead | QA/CSV contact | |
| Data steward | For training data provenance | |
| Validation & Governance | GAMP category | 3, 4, 5, or “AI/ML per D11” |
| Risk classification | Internal risk score with methodology reference | |
| Validation dossier | Document ID in EDMS | |
| PCCP or change control plan | Reference where applicable | |
| Human-in-the-loop control | Description of override, escalation, and review path | |
| Monitoring | Live monitoring dashboard | URL |
| Retraining trigger | Drift threshold, schedule, or event | |
| Incident log link | Ticketing tool link | |
| Last monitoring review | Date, reviewer | |
| Retirement | Retirement conditions | Explicit triggers |
| Successor model | Cross-reference in registry | |
| Archive location | Model artifact and training data at time of retirement |
Two design choices are worth spelling out. First, every field that references another artifact (validation dossier, monitoring dashboard, incident log) is a link, not a copy. The registry is a coordination layer, not a duplicate repository. Second, both the human name and the immutable Model ID are captured. Human names change; Model IDs must not. That distinction is what makes the registry usable ten years from now, when reviewers need to trace a decision back to the exact model version that produced it.
Note on model cards. Google’s Model Card Toolkit provides a JSON schema and a generation library that is a reasonable starting point for the descriptive sections of each entry.7 Pharma organizations should extend rather than replace it. Keep the standard model-card sections so that model cards remain portable across the industry, and add pharma-specific sections (GxP flag, GAMP category, validation dossier, PCCP, retirement conditions) as a supplementary block.
Sample Registry Entries
A schema in the abstract is easier to argue about than a schema with entries in it. Two sample entries are shown below, one for a signal-detection model in pharmacovigilance and one for a generative model used in regulatory writing. These are illustrative composites, not descriptions of any specific product.
Entry A: Adverse Event Triage NLP
Model ID: ae-triage-nlp Version: 2.3.0 Status: Production
Purpose: Classifies incoming adverse-event narratives into MedDRA System Organ Class categories to route cases to appropriate case processors.
Decision boundary: Advisory. Every routed case is reviewed by a Level 1 case processor before assessment. The model never closes a case.
Primary metric: Macro-F1 across SOCs, threshold 0.82.
Training data: Historical PV case dataset v4.2 (2019-2025), de-identified per SOP DM-PV-014.
GxP: Yes. GAMP 5 D11. Validation dossier: DOSSIER-2026-AI-004.
EU AI Act classification: High-risk per Annex III (safety component of pharmacovigilance).
Monitoring: Weekly drift review; retraining trigger at >3% degradation on holdout.
Retirement condition: Superseded by successor version or by change in MedDRA structure that invalidates label mapping.
Entry B: Regulatory Section Drafter (GenAI)
Model ID: reg-section-drafter Version: 1.1.2 Status: Production
Purpose: Drafts specified sections of Module 2.7 clinical summary documents from structured study data.
Decision boundary: Human-in-the-loop. Draft is always reviewed by a medical writer and a regulatory writer before inclusion.
Base model: Vendor-supplied foundation model X, version 4.0. Fine-tuning: instruction-tuned on internal exemplar corpus.
Primary metric: Human evaluator acceptance rate on 200-draft holdout, threshold 60%.
Training data: Internal exemplar corpus IEC-2026-REG-01 (280 approved study reports, redacted).
GxP: Yes. Validation dossier: DOSSIER-2026-AI-011. Predetermined change control plan: PCCP-REG-01 covering vendor model version bumps within the same family.
EU AI Act classification: Limited risk (transparency obligations); use case does not meet high-risk criteria under current interpretation.
Monitoring: Sampled human review of 5% of drafts; escalation on any hallucination or misattribution finding.
What these entries do in practice is give a reviewer, an auditor, or a partner a one-page answer to the question “what is this model, who owns it, and how do we know it works?” That is the single most valuable service a registry provides.
Integrating With GxP Validation Records
The registry must plug into the GxP quality system without replacing it. That means the registry does not hold validation evidence; it points to validation evidence. Six integration points matter most.
Validated systems inventory cross-link
Every model has a foreign-key link to the hosting computerized system in the validated systems inventory. That link makes it possible to answer “which models run inside this system?” and, in the other direction, “which system hosts this model?” during audits.
Validation dossier reference
The validation dossier lives in the EDMS. The registry stores its document ID and version. The two documents cross-reference each other so a reviewer can navigate in either direction.
Risk assessment link
Each model has an approved risk assessment. Where the assessment classifies the model as high-risk, the registry surfaces that classification prominently so that downstream controls (validation depth, monitoring frequency, human-in-the-loop requirement) are visible without opening the dossier.
Change control record link
Every version transition (staging to production, production to archive) is preceded by a change control record. The registry stores the change control ID and prevents version promotion in the registry state machine until the change control is closed.
Predetermined change control plan link
For models where the sponsor has adopted a PCCP-style approach (following the FDA/Health Canada/MHRA guiding principles), the registry references the PCCP document, the currently permissible changes, and the log of changes made under it.6 This becomes the audit trail regulators expect.
Periodic review anchor
The registry is the anchor for periodic review. It surfaces the next scheduled review date for every model, drives the reminder, and links to the completed review record when the review closes. This is how the registry moves from a static document to a live operational tool.
Watch for double-booking. Some early registries make the mistake of storing full validation content (test scripts, evidence, sign-offs) inside the registry as well as in the EDMS. Two copies of the same signed record is a QMS failure waiting to happen. The registry stores references, statuses, and links. The EDMS stores the signed evidence. Draw the line early and hold it.
Version Control, Monitoring, and Decommission
An AI model registry that only tracks live production models is not a registry; it is a landing page. The real value comes from tracking the whole lifecycle, including versions that are no longer running.
Version control
Semantic versioning (MAJOR.MINOR.PATCH) works reasonably well for models if you define the semantics up front. A change in training data, model architecture, or intended use is a MAJOR version bump. A retraining on the same schema with the same architecture and improved data is a MINOR bump. A bug-fix or configuration change is a PATCH bump. MLflow’s model registry provides the mechanics for this out of the box, with immutable model versions and explicit stage transitions (Staging, Production, Archived), plus aliases such as @champion or @challenger for A/B evaluation.8 Whether or not you use MLflow specifically, the pattern is the correct one.
The registry entry for each model should show the current production version, the previous production version (still deployed to a subset for A/B, or in cold storage), and the full version history with the change control record ID attached to each transition. That history is what makes reproducibility possible three years later.
Monitoring
Monitoring information belongs in the registry as pointers, not as content. Each entry links to a live dashboard (data drift, prediction drift, output distribution, key performance metrics) and stores the drift threshold that triggers action. When monitoring detects an issue, the resulting incident and its resolution are logged, and the registry entry updates to reflect the current state.
What the model sees
Distribution shift in inputs. A signal-detection NLP trained on 2019-2025 narratives is fed 2027 narratives that use different terminology. Detectable; act before performance degrades.
What the model does
The relationship between inputs and correct outputs has changed. New MedDRA structure, new labeling convention, new therapeutic area entering the workflow. Requires retraining or scope adjustment.
What the model gets right
Ground-truth-based metrics fall below acceptability threshold. Investigate, escalate to change control, retrain or roll back.
What the model produces
Distribution of outputs shifts unexpectedly. A GenAI drafter starts producing shorter or longer drafts, or shifts tone. Human-in-the-loop review should catch this; the registry records the trend.
Decommission and retirement history
Models get retired. Sometimes because they are superseded, sometimes because the business process changed, sometimes because a regulator raised a concern, sometimes because a validation review concluded the model no longer meets acceptability criteria. In every case, the registry needs to record the retirement event and preserve enough context to answer questions later.
Minimum fields on retirement:
Reason for retirement (structured category plus free text). Effective retirement date. Final performance snapshot at retirement. Location of the archived model artifact and its training data. Successor model reference, if any. Statement of any residual outputs still in use (e.g. cases already scored by the retired model that remain active in the safety database).
The reason a full retirement history matters becomes clear during a regulatory inspection or a post-market safety review. An inspector who asks “what version of the triage model classified this case in June 2027?” needs an answer that is unambiguous, immutable, and reachable in minutes. The registry, done well, is what provides that answer.
A related discipline is preservation of the training data itself at the time of retirement. Data used to train an early production model is often the very data that a later challenger asks questions of, or that a regulator wants to see when evaluating whether a retired model was fit for its intended use during the time it was active. The registry should record where that dataset lives, in what form (raw versus feature-engineered), and under what access controls. Where the training data included patient-level information under a specific consent basis, the retirement record should also capture the retention period and the point at which the frozen training snapshot itself must be destroyed. Compliance is not just about live models; it is about the archived tail as well.
Governance: Ownership, RACI, and Access
A registry without an owner becomes a spreadsheet. A registry without governance becomes an incomplete spreadsheet. The organizations that get this right pin down four things before they build.
The single accountable owner
One named executive is accountable for the registry as a whole. In most mid-cap pharma the right home is the Chief Data Officer, the Head of Digital Quality, or the head of the AI Center of Excellence where one exists. Split ownership fails; a single throat-to-choke succeeds.
Per-model ownership
Every entry has a named model owner (typically a data scientist or data science manager), a named business sponsor (VP or equivalent in the function that uses the model), and a named validation lead (from QA/CSV). All three are required fields. An entry with any of these blank cannot progress to production status.
RACI for lifecycle events
The registry codifies who is Responsible, Accountable, Consulted, and Informed for six lifecycle events: onboarding a new model, promoting to production, retraining, monitoring escalation, PCCP-scope changes, and retirement. Below is a starting RACI that fits most mid-cap organizations.
| Event | Responsible | Accountable | Consulted | Informed |
|---|---|---|---|---|
| Onboard new model | Model Owner | Business Sponsor | QA/CSV, Legal/Privacy | CDO, CAI Ethics |
| Promote to production | Model Owner + Validation Lead | QA Head | Business Sponsor, IT Ops | CDO |
| Retrain | Model Owner | Business Sponsor | QA/CSV | CDO, Users |
| Monitoring escalation | MLOps | Model Owner | QA/CSV, Business Sponsor | CDO |
| PCCP-scope change | Model Owner | Business Sponsor + QA Head | Regulatory, Legal | CDO |
| Retire model | Model Owner | Business Sponsor | QA/CSV, Users | CDO, Audit |
Access and disclosure
The registry is not a public artifact. It contains commercial detail (training data, vendor terms, performance metrics on internal populations) that many companies will not want on the open internet. Standard practice is three access tiers: internal read (broad access across the enterprise), internal edit (per-model owners and validation leads), and external disclosure (model card export for partner due diligence or regulator response). The export view is a filtered subset of the registry entry, produced on demand from the same source data, so that there is no risk of the external and internal descriptions of the same model drifting apart.
Under the EU AI Act, high-risk AI systems will have a mandatory registration in the public EU database, with providers responsible for entering the data listed in Sections A and B of Annex VIII and public authority deployers responsible for the data in Section C.1 The disclosure view of the registry should be designed so that Annex VIII fields map cleanly to registry fields and can be produced without manual reformatting. Companies that treat this as an ongoing export from a single source of truth, rather than as a separate manual submission, avoid the drift risk that comes with parallel records.
Model card portability
Where possible, use the industry-standard Model Card format for the external export view. Google’s Model Card Toolkit provides both a JSON schema and a rendering library, and it has become the de facto interchange format for exchanging model documentation between organizations.14 A pharma registry that speaks Model Card natively for external exchange, and stores the pharma-specific extensions internally, gets the best of both worlds. Partners and regulators receive an artifact in a form they already know how to read; internal Quality and Legal teams retain the full metadata they need for audit and inspection response.
SD perspective. The single biggest governance mistake we see is treating the registry as an IT deliverable rather than a shared operational tool. When the registry sits inside a data platform team and Quality only reads from it, entries drift out of date within a quarter. When Quality co-owns the registry with the AI or data team, and the registry drives the periodic review calendar for models the same way the validated inventory drives it for systems, the registry stays current because the business needs it to be current.
Build Versus Buy: Tool Landscape
No single tool on the market today covers the full pharma registry requirement out of the box. Most organizations end up with a two- or three-layer stack: an MLOps tool that handles the technical registry (versioning, artifacts, lineage), a governance layer that handles the pharma-specific metadata (GxP flag, GAMP category, validation dossier link, PCCP), and integration to the EDMS and validated systems inventory for the regulated records themselves.
The core MLOps registries
MLflow. Open source. Provides the model registry primitives: immutable versions, stage transitions, aliases, tags, and lineage back to the run that produced each version. Widely adopted, low licensing risk, well-supported inside Databricks. Requires pharma-specific extensions to hold GxP metadata.8
Weights & Biases. Strong on developer experience and visualization; extended with prompt tracking and evaluations for LLM work. Best for research and R&D use cases, less naturally suited to the audit-focused stance a GxP registry needs.9
Neptune. Positioned as the enterprise metadata store, with strong lineage tracking connecting models to exact data versions, code commits, and configurations. Explicitly targets regulated industries requiring detailed audit trails.9
Databricks Unity Catalog. Unified governance for data and AI inside the Databricks platform. Automatic lineage across ingestion, ETL, dashboards, and ML models, with attribute-based access control and audit logging. Attractive for organizations already standardized on Databricks; less useful in polyglot environments where a lot of the AI work happens outside the platform.10
Life-sciences-specific patterns
Two industry examples are worth studying, though neither is a general-purpose registry product.
MELLODDY. The Machine Learning Ledger Orchestration for Drug Discovery project brought together ten pharma companies plus technical partners to demonstrate cross-pharma federated learning at scale, with a shared platform for training QSAR models on 2.6 billion confidential activity data points across 21 million molecules while keeping each company’s data private.11 MELLODDY’s operational model — versioned shared training rounds, per-partner model artifacts, and clear ownership of the global model versus the local models — is a useful reference for organizations thinking about federated AI, where the registry needs to distinguish between the model as trained collectively and the model as deployed locally.
OHDSI ATLAS. ATLAS is a web-based tool for designing and executing analyses on standardized observational data in the OMOP Common Data Model, used across an OHDSI network of more than 331 data sources with 2.1 billion patient records across 34 countries.12 ATLAS is not a general model registry, but it is an important pattern for tracking cohort definitions, phenotypes, and prediction models with shared governance across many sites. Organizations running real-world evidence or observational research programs should study how ATLAS handles versioning and cross-site reproducibility.
Practical stack. A pattern we see working for mid-cap pharma today: MLflow (open source) or Neptune (commercial) for the technical registry layer, with an internal governance layer on top (often a lightweight Confluence-plus-database or a dedicated form in ServiceNow or Veeva) that owns the pharma-specific metadata and drives the periodic review calendar. Both layers reference the same Model ID and version so lookups are unambiguous. Total build time for a first working version: 8 to 12 weeks.
A 90-Day Implementation Roadmap
The most common failure mode for pharma model registry programs is scope. Teams try to design a perfect registry that captures every conceivable field, and eighteen months later they still do not have one. A better pattern is to build a minimum viable registry, populate it, get it into the periodic review calendar, and then evolve.
Days 1-15: Scoping and inventory
Identify every AI model currently in production or under development across research, clinical, safety, manufacturing, and commercial. Interview function heads. Do not rely on IT ticket data; many models were built inside business functions and never went through IT. The initial inventory is almost always three times longer than leadership expected.
Days 16-30: Schema and tooling
Approve the data model (the table above, adapted to your organization). Choose the technical registry (MLflow, Neptune, or Unity Catalog if you are already there). Decide where pharma-specific metadata lives. Get sign-off from QA and Legal on the schema.
Days 31-60: Populate and integrate
Create registry entries for every identified model. Cross-link to the validated systems inventory and the EDMS. Backfill validation dossier IDs where they exist; flag entries where they do not. This step surfaces the models that are running in GxP-adjacent contexts with no validation, which is a finding you want before an auditor does.
Days 61-75: Governance activation
Assign owners, sponsors, and validation leads for every entry. Publish the RACI. Kick off the first periodic review cycle. Stand up the export view for external model cards.
Days 76-90: EU AI Act alignment
Classify every entry against the AI Act risk categories. For high-risk systems, walk through the Annex VIII registration data points and check that the registry captures them. This puts the organization in a defensible position ahead of the 2 August 2026 database go-live.1
What not to do in the first 90 days. Do not try to retrofit every historical model. Do not try to write a full validation dossier for a model that has been running for three years the moment you discover it; take the finding through change control and address it properly. Do not build a bespoke registry from scratch when MLflow, Neptune, and Unity Catalog cover the technical layer well. And do not put the registry inside a silo (either IT or Quality alone) that other functions have to be invited into.
Conclusion
The AI model registry is not another checkbox. It is the operational spine that connects intended use, training data, validation, monitoring, and decommission for every AI system the organization runs. Companies that stand it up early get three benefits at once. They can answer the “which models do we run and how do we know they work?” question in minutes rather than months, they walk into the EU AI Act Article 71 registration exercise with the data they need already in hand, and they give their Quality and Legal teams a shared operating tool that keeps AI governance close to the business rather than at arm’s length from it.13
Sakara Digital works with pharma and biotech organizations building this kind of AI governance capability, from initial model inventory through registry design, GxP integration, and readiness for EU AI Act registration. If you are exploring what a model registry should look like at your organization and want an independent perspective on where to start, we are happy to have that conversation.
References & Sources
- “Article 71: EU Database for High-Risk AI Systems Listed in Annex III.” EU Artificial Intelligence Act. https://artificialintelligenceact.eu/article/71/
- ISPE. “GAMP 5: A Risk-Based Approach to Compliant GxP Computerized Systems, Second Edition.” International Society for Pharmaceutical Engineering, July 2022. https://ispe.org/publications/guidance-documents/gamp-5-guide-2nd-edition/
- European Medicines Agency. “Reflection paper on the use of artificial intelligence in the lifecycle of medicines.” EMA, October 2024. https://www.ema.europa.eu/en/documents/scientific-guideline/reflection-paper-use-artificial-intelligence-ai-medicinal-product-lifecycle_en.pdf
- ISPE. “New GAMP Guide Provides Framework to Achieve High-Quality AI-Enabled Computerized Systems for Life Sciences.” Pharmaceutical Engineering, 2025. https://ispe.org/pharmaceutical-engineering/ispeak/new-gamprguide-provides-framework-achieve-high-quality-ai-enabled
- U.S. Food and Drug Administration. “Good Machine Learning Practice for Medical Device Development: Guiding Principles.” FDA, in collaboration with Health Canada and MHRA. https://www.fda.gov/medical-devices/software-medical-device-samd/good-machine-learning-practice-medical-device-development-guiding-principles
- U.S. Food and Drug Administration. “Predetermined Change Control Plans for Machine Learning-Enabled Medical Devices: Guiding Principles.” FDA, Health Canada, MHRA. https://www.fda.gov/medical-devices/software-medical-device-samd/predetermined-change-control-plans-machine-learning-enabled-medical-devices-guiding-principles
- Mitchell, M., et al. “Model Cards for Model Reporting.” Google Research, 2019. https://research.google/pubs/model-cards-for-model-reporting/
- MLflow. “MLflow Model Registry Documentation.” https://mlflow.org/docs/latest/ml/model-registry
- “Weights & Biases vs MLflow vs Neptune.ai: A Comparison of Model Registry Tools.” Index.dev, 2026. https://www.index.dev/skill-vs-skill/ai-wandb-vs-mlflow-vs-neptune
- Databricks. “Lineage in Unity Catalog.” Databricks Documentation. https://docs.databricks.com/aws/en/data-governance/unity-catalog/data-lineage
- Heyndrickx, W., et al. “MELLODDY: Cross-Pharma Federated Learning at Unprecedented Scale Unlocks Benefits in QSAR Without Compromising Proprietary Information.” Journal of Chemical Information and Modeling, 2024. https://pubs.acs.org/doi/10.1021/acs.jcim.3c00799
- OHDSI. “ATLAS and the OMOP Common Data Model.” Observational Health Data Sciences and Informatics. https://www.ohdsi.org/analytic-tools/atlas-a-unified-interface-for-the-ohdsi-tools/
- NIST. “AI Risk Management Framework Playbook: Govern Function.” NIST AI Resource Center. https://airc.nist.gov/airmf-resources/playbook/govern/
- Google Research. “Introducing the Model Card Toolkit for Easier Model Transparency Reporting.” Google AI Blog, 2020. https://research.google/blog/introducing-the-model-card-toolkit-for-easier-model-transparency-reporting/
- Era Sciences. “AI Meets GxP: Model Cards for Trust, Transparency and Compliance.” https://erasciences.com/blog/ai-meets-gxp-model-cards-for-trust-transparency-and-compliance








Your perspective matters—join the conversation.