NIST AI Risk Management Framework

intermediate

The US National Institute of Standards and Technology framework for managing AI risks. Provides voluntary guidance organized around four functions: Govern, Map, Measure, and Manage.

Category: safety
Tags: framework, governance, usa, standards

Overview

The NIST AI RMF provides structured guidance for organizations developing or deploying AI. Unlike prescriptive regulations, it's a flexible framework adaptable to different contexts and risk profiles. The framework organizes AI risk management into four core functions: GOVERN (establishing accountability and culture), MAP (understanding context and risks), MEASURE (assessing and tracking risks), and MANAGE (prioritizing and responding to risks). While voluntary, the NIST framework is becoming a de facto standard and is referenced by regulations like the EU AI Act. Organizations use it to demonstrate responsible AI practices to regulators, customers, and stakeholders.

Key Concepts

Govern Function

Organizational structures, policies, and culture for AI risk management.

Map Function

Understanding AI system context, capabilities, and potential impacts.

Measure Function

Metrics and methods for assessing AI risks and performance.

Manage Function

Response strategies and continuous improvement processes.
