NIST AI Risk Management Framework 1.0
Relationships: Elaborated by trustworthy-ai. Generalized by govern-function. Elaborated by map-function. Elaborated by ai-actors. Elaborated by ai-risk-management.
The NIST AI Risk Management Framework (AI RMF 1.0) provides a voluntary, rights-preserving, non-sector-specific framework to help organizations manage AI risks and promote trustworthy AI development. The framework is structured around four core functions: GOVERN Function, MAP Function, MEASURE Function, and MANAGE Function.
The framework defines trustworthy AI as having seven key characteristics: valid and reliable, safe, secure and resilient, accountable and transparent, explainable and interpretable, privacy-enhanced, and fair with harmful bias managed. These characteristics must be balanced based on context, as tradeoffs often exist between them.
The AI RMF addresses unique challenges in AI risk management that differ from traditional software risks, including data dependency, model opacity, emergent properties, and the socio-technical nature of AI systems. The framework emphasizes the importance of diverse, interdisciplinary teams and engagement with affected communities throughout the AI lifecycle.
Key audiences include AI actors across the lifecycle: designers, developers, deployers, evaluators, and users. The framework also recognizes the importance of TEVV (test, evaluation, verification, and validation) processes throughout development and deployment.
The framework is designed to be a living document, with planned reviews and updates. It supports the development of AI RMF Profiles for specific use cases, sectors, or applications, and includes both current state and target state profiling capabilities.
executive-order-14110 directs NIST to develop companion resources to the AI Risk Management Framework specifically addressing generative-ai and dual-use foundation models. The framework is also referenced as a foundation for federal agency AI governance requirements and international standards development efforts.