NIST AI RMF
NIST AI RMF implementation that scales
72 subcategories across four functions, 12 generative-AI risks, GenAI Profile crosswalk — operationalised with continuous testing and conformity scores.
The NIST AI Risk Management Framework (AI RMF 1.0) is a voluntary US framework organising AI risk activities into Govern, Map, Measure, and Manage functions with 72 subcategories; the GenAI Profile (NIST AI 600-1) adds generative-AI-specific guidance.
Key takeaways
- Federal contractors and US enterprises adopt NIST AI RMF for procurement and board reporting.
- AgenticAssure maps 17 NIST controls (3 critical) with full subcategory coverage in Analysis.
- Crosswalk to ISO 42001 and EU AI Act from a single test-and-govern workflow.
The four functions: Govern, Map, Measure, Manage
Govern sets culture and policies. Map inventories context and risks. Measure tracks metrics and evaluations. Manage responds to identified risks. AgenticAssure automates Measure and Manage with red-team probes and continuous monitors.
Questions compliance teams ask
What is NIST AI RMF 1.0?
NIST AI RMF 1.0 is the National Institute of Standards and Technology's framework for managing AI risks, with 72 subcategories across Govern, Map, Measure, and Manage functions.
What is the NIST GenAI Profile?
NIST AI 600-1 (GenAI Profile) extends AI RMF for generative AI risks including hallucination, data leakage, and dangerous capabilities. AgenticAssure maps 12 GAI risks in the Analysis module.