Xcapit
José Trajtenberg · CEO & Co-Founder · 7 min read

Shadow AI, ISO 42001, and the New Boardroom Risk in Oil & Gas

Tags: ai, governance, compliance, oil-and-gas, energy
[Figure: AI governance diagram showing the layered relationship between ISO 27001, ISO 27019, and ISO 42001 for oil & gas operators]
ISO 42001 sits on top of the security stack oil & gas already has — it doesn't replace it. It answers a different question: how do you govern the decisions, not just the data?

The Risk Moved From IT to the Boardroom

Until 2024, AI risk in oil & gas was an IT conversation. Models in production were narrow, well-bounded, and supervised. That changed when generative AI became free and ubiquitous. Today, geologists, drilling engineers, contracts officers, and joint-venture leads are pasting confidential information into ChatGPT, Claude, Gemini, and Copilot every day — not maliciously, but because the productivity gain is real and the policy vacuum is total.

That's shadow AI. And in oil & gas, where a single leaked seismic dataset, reservoir simulation, or partner agreement can have nine-figure consequences, it has stopped being a workplace nuisance and become a board-level governance failure. The directors and officers insurance market has noticed. So have the major auditors. So have the JV partners that operators report to under operating agreements written before any of this existed.

What Shadow AI Actually Looks Like in Oil & Gas

When we run AI usage audits inside operators in Argentina, Colombia, and Brazil, the same three patterns appear over and over. None of them require a sophisticated attacker. They just require an unaware workforce and zero visibility.

Reservoir and Geological Data in Public LLMs

Engineers paste well-log summaries, decline curves, and reservoir model outputs into ChatGPT to get a faster interpretation. The data now sits in a third-party retention window: depending on the provider's terms and whether the account is a consumer or enterprise tier, it may be used to train future models, it may be subject to discovery in litigation, and it is almost always invisible to the operator's compliance function. Once it's out, it doesn't come back.

Contractor and JV Information Through Personal Accounts

Contracts teams use personal LLM accounts to summarize partner agreements, AFEs, and tender documents. The contractor's own confidentiality clauses are violated the moment the document is pasted in. The operator typically discovers this during a partner audit — by which point the leakage is months old and the chain of custody is unrecoverable.

OT-Adjacent Decisions Influenced by Ungoverned AI

This is the one that scares operators when they see it. Maintenance technicians, production engineers, and field supervisors are starting to ask generative AI for guidance on operational decisions: choke settings, intervention sequencing, alarm interpretation. The model isn't connected to the OT environment, but the human acting on its output is. ISO/IEC 27019 defines information security controls for process control systems in the energy sector. It didn't anticipate this attack surface, and most operators haven't either.

Why ISO 42001 Became a Board-Level Standard

ISO/IEC 42001:2023 was published in December 2023 as the first internationally certifiable standard for AI Management Systems. It matters because it gives boards, auditors, and regulators a common, auditable framework for one question: how do you govern the AI in your business? Before it existed, the answer was a collage of voluntary frameworks (NIST AI RMF, OECD principles, internal policy) that no external party could verify in a uniform way.

For an oil & gas operator, the value isn't the certificate. It's the discipline the standard imposes: an AI inventory, a lifecycle policy, traceability of model-assisted decisions, defined roles and responsibilities, and continuous improvement on a PDCA loop the rest of the management system already runs on. That discipline is what answers the duty-of-care question.

The Stack: ISO 27001, ISO 27019, ISO 42001

A 90-Day Shadow AI Audit — Concrete Playbook

Most operators we talk to don't need a multi-year program to start. They need to stop being blind. A 90-day audit gets you from blind to baseline. It's not the end state — it's the position from which a board can ask the next question.

  • Days 1–15 — Anonymous workforce survey. What AI tools are actually being used, by whom, and for what. Anonymity matters: people under-report tools they suspect are against policy. Expect surprises: in our audits, the count is typically 3–5x the tools IT thinks are in play.
  • Days 16–30 — Egress and SaaS log review. Pull proxy, DNS, and CASB/SaaS logs for traffic to known generative-AI endpoints and cross-reference per-user hits with the survey answers. Identify the gap between declared and actual usage in both directions: tools seen in telemetry that nobody declared, and tools declared that never touch the corporate network (a sign of personal devices on mobile data, which the logs will never show).
  • Days 31–60 — Inventory the AI systems your organization runs or relies on, including embedded AI in SaaS your contracts team didn't flag as AI. Classify by data sensitivity and operational impact.
  • Days 61–75 — Map each AI use to a control owner. Define a temporary acceptable use policy with clear red lines for OT-adjacent decisions, reservoir data, and partner information.
  • Days 76–90 — Present the inventory, the risk map, and the proposed program to the board or audit committee. This is the artifact that converts shadow AI from a rumor into a governable problem.
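The Days 16–30 cross-reference is the one step in this playbook that is mechanical enough to script. The following is an added example, not Xcapit's tooling or code from the original article: it parses proxy access-log lines, matches hostnames against a catalog of generative-AI endpoints, aggregates hits per user, and diffs the result against survey answers. The log format is assumed to be Squid's native access log, the hostname catalog is our own (extend it from your DNS and CASB data), and the log lines and survey results are constructed for the demonstration.

```python
"""Shadow AI egress review (added example): match proxy access-log lines
against a catalog of generative-AI endpoints, then diff what the logs show
against what the workforce survey declared."""
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: hostnames of public generative-AI services. Matching is by
# exact host or subdomain, so add bare parent domains to widen the net.
AI_ENDPOINTS = {
    "chatgpt.com": "ChatGPT",
    "chat.openai.com": "ChatGPT",
    "api.openai.com": "OpenAI API",
    "claude.ai": "Claude",
    "api.anthropic.com": "Anthropic API",
    "gemini.google.com": "Gemini",
    "copilot.microsoft.com": "Copilot",
}

# Constructed sample in Squid native access-log format (assumption):
# time elapsed client result/status bytes method url user hierarchy/peer type
SAMPLE_LOG = """\
1711000000.123 210 10.20.1.14 TCP_TUNNEL/200 48213 CONNECT chatgpt.com:443 jperez HIER_DIRECT/104.18.0.1 -
1711000001.456 180 10.20.1.14 TCP_TUNNEL/200 1201 CONNECT www.example.com:443 jperez HIER_DIRECT/93.184.216.34 -
1711000002.789 300 10.20.3.22 TCP_TUNNEL/200 990123 CONNECT claude.ai:443 mgomez HIER_DIRECT/160.79.104.10 -
1711000003.000 150 10.20.5.7 TCP_TUNNEL/200 5123 CONNECT gemini.google.com:443 asilva HIER_DIRECT/142.250.0.1 -
1711000004.111 120 10.20.5.7 TCP_MISS/200 330 GET http://intranet.corp.local/ asilva HIER_DIRECT/10.0.0.5 text/html
1711000005.222 500 10.20.3.22 TCP_TUNNEL/200 2048000 CONNECT api.openai.com:443 mgomez HIER_DIRECT/104.18.0.2 -
"""

# Constructed survey answers (assumption): tools each user said they use.
DECLARED = {
    "jperez": {"ChatGPT"},
    "mgomez": set(),          # answered "no AI tools"
    "asilva": {"Copilot"},
}


def classify_host(host):
    """Return the tool name for a host (exact or subdomain match), else None."""
    host = host.lower().rstrip(".")
    for suffix, tool in AI_ENDPOINTS.items():
        if host == suffix or host.endswith("." + suffix):
            return tool
    return None


def host_of(url_field):
    """Hostname from the Squid URL field: 'host:port' for CONNECT, a full URL otherwise."""
    if "://" in url_field:
        return urlsplit(url_field).hostname or ""
    return url_field.rsplit(":", 1)[0]


def parse_line(line):
    """Extract the fields we need from one log line; None if the line is malformed."""
    parts = line.split()
    if len(parts) < 8:
        return None
    try:
        reply_bytes = int(parts[4])   # bytes sent to the client; a lead, not proof of upload
    except ValueError:
        return None
    return {"client": parts[2], "bytes": reply_bytes, "method": parts[5],
            "host": host_of(parts[6]), "user": parts[7]}


def observed_usage(log_text):
    """Aggregate AI-endpoint traffic as {user: {tool: {'requests': n, 'bytes': n}}}."""
    usage = defaultdict(lambda: defaultdict(lambda: {"requests": 0, "bytes": 0}))
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        tool = classify_host(rec["host"])
        if tool is None:
            continue
        usage[rec["user"]][tool]["requests"] += 1
        usage[rec["user"]][tool]["bytes"] += rec["bytes"]
    return {user: dict(tools) for user, tools in usage.items()}


def gap_report(observed, declared):
    """Rows of (user, tool, requests, bytes, status) comparing telemetry with the survey.
    status: 'declared' = survey and logs agree; 'undeclared' = in logs, not in survey;
    'declared-only' = in survey, never seen (personal device or mobile data, most likely)."""
    rows = []
    for user in sorted(set(observed) | set(declared)):
        seen = observed.get(user, {})
        said = declared.get(user, set())
        for tool in sorted(set(seen) | said):
            stats = seen.get(tool, {"requests": 0, "bytes": 0})
            if tool in seen and tool in said:
                status = "declared"
            elif tool in seen:
                status = "undeclared"
            else:
                status = "declared-only"
            rows.append((user, tool, stats["requests"], stats["bytes"], status))
    return rows


if __name__ == "__main__":
    for user, tool, reqs, nbytes, status in gap_report(observed_usage(SAMPLE_LOG), DECLARED):
        print(f"{user:<8} {tool:<14} {reqs:>3} req {nbytes:>9} B  {status}")
```

The "declared-only" rows are as important as the "undeclared" ones: they mark users whose AI traffic bypasses the corporate egress path entirely, which is exactly the population a proxy-only control will never see. Treat the byte counts as a triage signal for the Days 31–60 classification, not as evidence of what was uploaded; a proxy that logs request body size would give the true egress figure.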

Where This Goes Next

The operators that arrive at the next round of JV audits with an AI inventory, a documented acceptable use policy, and a path to ISO 42001 alignment will be in a fundamentally different conversation than the ones that don't. Insurers will price them differently. Regulators will treat them differently. Boards will be able to answer the duty-of-care question without improvising.

The window to arrive prepared is open right now and closing fast. The first step is the same as it has been for every prior governance shift in this sector: know what you have before someone else tells you what you don't.

José Trajtenberg

CEO & Co-Founder

Lawyer and international business entrepreneur with over 15 years of experience. Distinguished speaker and strategic leader driving technology companies to global impact.
