NIST AI Risk Management Framework
The American counterpart to the EU AI Act. Voluntary on paper, mandatory in practice for anyone selling into the federal government or large US enterprises.
The Technical Definition
The NIST AI Risk Management Framework (AI RMF 1.0) is a voluntary framework published by the US National Institute of Standards and Technology in January 2023. It is the American counterpart to the EU AI Act, but with a fundamentally different posture: NIST doesn’t regulate, it standardizes. Companies adopt the framework on their own. Then procurement contracts, insurance underwriters, and federal agencies start requiring evidence of adoption — and “voluntary” stops meaning what it used to mean.
The framework organizes AI risk management into four functions: Govern (the policies, accountability structures, and culture that surround AI use), Map (understanding the context, intended use, and risk profile of each AI system), Measure (the testing, evaluation, and metrics applied to AI behavior), and Manage (treating identified risks based on the analysis). NIST also publishes a companion playbook with concrete actions under each function, a Generative AI profile (released July 2024) that addresses LLM-specific risks, and an evolving set of crosswalks to other standards including ISO 42001 and the EU AI Act.
What This Actually Means for Your Business
If you sell to federal agencies, defense contractors, healthcare systems, or any Fortune 500 company that has a CISO who’s read a single AI procurement memo from the last 18 months, you’re going to be asked about NIST AI RMF alignment. You’ll see it in security questionnaires. You’ll see it in vendor risk assessments. You’ll see it in RFP language that says “describe your AI risk management program with reference to NIST AI RMF.”
The framework didn’t get traction because companies love compliance. It got traction because it filled a vacuum. There was no US federal AI law. State laws were a patchwork. Boards wanted to know what “responsible AI” actually meant in operational terms. NIST gave them a vocabulary, a structure, and the legitimacy of a federal standards body. Procurement teams adopted it because it was the only neutral document available.
For a small-cap or mid-cap operator, the practical implication is this: your customers will ask you to map your AI deployments to Govern-Map-Measure-Manage, and your vendors will be expected to do the same for the AI products they sell you. If you can’t answer the questions, you lose deals. If your vendors can’t answer, you carry their risk.
The Generative AI profile is where most of the action sits today. It addresses confabulation, data privacy, intellectual property, harmful content, environmental impact, and a dozen other risks specific to LLM-based systems. If you’re deploying Copilot, ChatGPT Enterprise, Claude for Business, or a custom RAG system, this is the document your team should be reading.
Reality Check
What the vendor says: “We’re aligned with NIST AI RMF.”
What that means in practice: They’ve published a one-page document mapping their controls to the four functions. Whether they actually run risk reviews, maintain a system inventory, perform pre-deployment evaluations, or have anyone accountable when something breaks is a different question. Ask for the artifacts behind each control, not the slide that lists them.
What Operators Actually Do
The companies treating NIST AI RMF as a real operating discipline (rather than a procurement attestation) start with Govern. They name an accountable executive — usually the CIO, CISO, or General Counsel, sometimes a dedicated Chief AI Officer at larger firms. They establish a cross-functional AI committee with real authority to approve, pause, or kill deployments. They publish a written AI policy that employees actually read.
Then they Map. They build a system-of-record for every AI deployment in the company, including the unsanctioned ones. Each entry captures the use case, the data flowing through it, the risk tier, the owner, and the dependencies. Most operators discover their inventory is wildly incomplete the first time they try this. That discovery is the point.
Measure is where the work gets technical. Pre-deployment evals against representative inputs. Adversarial testing for the high-risk systems. Bias audits where applicable. Latency and cost monitoring in production. The eval infrastructure becomes a recurring line item, not a one-time project.
Manage is the loop that closes everything. Findings from Measure feed back into Govern decisions. New use cases route through the committee. Vendor reviews get refreshed annually. The framework, applied seriously, looks less like a policy binder and more like the way the company runs.
The Questions to Ask
- Who owns NIST AI RMF alignment in our organization, and what does their actual workload look like this quarter? If the answer is “compliance” with no specifics, you have a name on a slide and nothing operational behind it.
- For our top three AI deployments, can we produce the Map and Measure artifacts in 48 hours? A regulator, customer, or insurer will eventually ask. The artifacts either exist or they don’t.
- How are we handling the Generative AI profile risks specifically — confabulation, data leakage, IP exposure? These are the risks that show up in your Q4 earnings call if mishandled, and they’re the ones the framework spells out most directly.