AI RMF

NIST AI Risk Management Framework or “AI RMF,” to provide a format for understanding risk and better ensuring reasonable due diligence oversight of your use of AI. AI RMF Core provides outcomes and actions that enable dialogue, understanding, and
activities to manage AI risks and responsibly develop trustworthy AI systems.

  • Measure

    Applies quantitative and qualitative tools to analyze, assess, and monitor AI risk — translating insights from the MAP function into measurable benchmarks that evaluate system functionality, trustworthiness, and real-world impact before and during deployment.

  • Map

    Establishes the context for identifying and framing AI-related risks by recognizing that the AI lifecycle involves multiple interdependent actors — each with limited visibility into the full system — making it essential to surface and understand how those interdependencies can produce unexpected impacts.

  • Govern

    Develops the organizational culture, structure, and processes needed to manage AI risk responsibly — aligning technical development with strategic priorities and embedding accountability across the full AI lifecycle, including third-party dependencies.

  • Manage

    Allocates resources to address mapped and measured risks — executing response, recovery, and communication plans for AI incidents while leveraging insights from GOVERN, MAP, and MEASURE to reduce system failures, assess emerging risks, and drive continuous improvement through transparent, accountable documentation practices.