Skip to content
Longterm Wiki
Back

NIST AI Risk Management Framework

government
NIST·nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-1.pdf

Credibility Rating

5/5
Gold(5)

Gold standard. Rigorous peer review, high editorial standards, and strong institutional reputation.

Rating inherited from publication venue: NIST

This is the official U.S. government framework for AI risk management, widely referenced in policy discussions and by organizations building AI governance programs; relevant to alignment and safety practitioners navigating institutional or compliance contexts.

Metadata

Importance: 72/100guidance documentreference

Summary

The NIST AI RMF 1.0 provides a voluntary, flexible framework to help organizations identify, measure, and manage AI-related risks throughout the AI lifecycle. It defines seven properties of trustworthy AI and organizes risk management activities into four core functions: Govern, Map, Measure, and Manage. The framework serves as a foundational U.S. government standard for responsible AI development and deployment.

Key Points

  • Defines seven dimensions of trustworthy AI: valid/reliable, safe, secure/resilient, accountable/transparent, explainable/interpretable, privacy-enhanced, and fair.
  • Organizes AI risk management into four core functions: Govern (policies/culture), Map (context), Measure (analysis), and Manage (response).
  • Voluntary and sector-agnostic, designed to complement existing risk management practices across industries and organization sizes.
  • Emphasizes that AI risks extend beyond cybersecurity to include societal harms, bias, and lack of transparency requiring multidisciplinary responses.
  • Intended as a living document with planned community-driven updates, positioning it as an evolving standard for AI governance in the U.S.

Cited by 1 page

PageTypeQuality
NIST AI Risk Management Framework (AI RMF)Policy60.0

Cached Content Preview

HTTP 200Fetched Mar 15, 202688 KB
# Artificial Intelligence Risk Management Framework (AI RMF 1.0)

# NIST AI 100-1

# Artificial Intelligence Risk Management Framework (AI RMF 1.0)

This publication is available free of charge from: [https://doi.org/10.6028/NIST.AI.100-1](https://doi.org/10.6028/NIST.AI.100-1)

U.S. Department of Commerce Gina M. Raimondo, Secretary

National Institute of Standards and Technology Laurie E. Locascio, NIST Director and Under Secretary of Commerce for Standards and Technology

Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.

# Update Schedule and Versions

The Artificial Intelligence Risk Management Framework (AI RMF) is intended to be a living document.

NIST will review the content and usefulness of the Framework regularly to determine if an update is appropriate; a review with formal input from the AI community is expected to take place no later than 2028. The Framework will employ a two-number versioning system to track and identify major and minor changes. The first number will represent the generation of the AI RMF and its companion documents (e.g., 1.0) and will change only with major revisions. Minor revisions will be tracked using “.n” after the generation number (e.g., 1.1). All changes will be tracked using a Version Control Table which identifies the history, including version number, date of change, and description of change. NIST plans to update the AI RMF Playbook frequently. Comments on the AI RMF Playbook may be sent via email to [AIframework@nist.gov](mailto:AIframework@nist.gov) at any time and will be reviewed and integrated on a semi-annual basis.

# Table of Contents

# Executive Summary

1

Part 1: Foundational Information 4

1 Framing Risk 4

1.1 Understanding and Addressing Risks, Impacts, and Harms 4

1.2 Challenges for AI Risk Management 5

1.2.1 Risk Measurement 57

1.2.2 Risk Tolerance

1.2.3 Risk Prioritization 7

1.2.4 Organizational Integration and Management of Risk 8

2 Audience 9

3 AI Risks and Trustworthiness 12

3.1 Valid and Reliable 13

3.2 Safe 14

3.3 Secure and Resilient 15

3.4 Accountable and Transparent 15

3.5 Explainable and Interpretable 16

3.6 Privacy-Enhanced 17

3.7 Fair – with Harmful Bias Managed 17

4 Effectiveness of the AI RMF 19

Part 2: Core and Profiles 20

20

5 AI RMF Core

5.1 Govern

5.2 Map

5.3 Measure

5.4 Manage

21

24

28

31

# 6 AI RMF Profiles 33

# Appendix A: Descriptions of AI Actor Tasks from Figures 2 and 3 35

Appendix B: How AI Risks Differ from Traditional Software Risks 38

Appendix C: AI Risk Management and Human-AI Interaction 40

Appendix D: Attributes of the AI RMF 42

# List of Tables

Table 1 Categories a

... (truncated, 88 KB total)
Resource ID: a562dd579be46ab9 | Stable ID: NjI1NGIxN2