Tag: AI governance

  • NIST AI RMF & the Generative AI Profile Explained

    The NIST AI Risk Management Framework (AI RMF) is a voluntary framework published by the United States’ National Institute of Standards and Technology to help organisations manage risks associated with artificial intelligence. In July 2024 NIST added a companion Generative AI Profile, catalogued as NIST AI 600-1, tailoring the framework to generative systems. This article explains what they are and how organisations use them. It is informational and not legal advice.

    What the AI RMF is

    Released in its first version (AI RMF 1.0, catalogued as NIST AI 100-1) in January 2023, the AI RMF is a non-binding, sector-agnostic resource. Rather than prescribing controls, it offers a structured way to think about trustworthy AI. NIST describes seven characteristics of trustworthy AI systems: they should be valid and reliable; safe; secure and resilient; accountable and transparent; explainable and interpretable; privacy-enhanced; and fair, with harmful bias managed. The framework’s authoritative materials are published on nist.gov. For a fuller treatment see our pillar page on the NIST AI RMF.

    The four core functions

    The heart of the framework is its Core, organised into four functions that operate continuously rather than as a one-off checklist:

    • Govern — cultivating a culture of risk management, with policies, roles and accountability that cut across the other functions.
    • Map — establishing context and identifying risks associated with an AI system and its intended use.
    • Measure — analysing, assessing and tracking identified risks using quantitative and qualitative methods.
    • Manage — prioritising and acting on risks, allocating resources and monitoring over time.

    These functions are intended to be revisited iteratively across an AI system’s lifecycle.

    The Generative AI Profile (AI 600-1)

    The Generative AI Profile responds to risks that are distinctive to, or amplified by, generative models. It identifies twelve risk areas, among them the production of false or misleading content (which NIST calls confabulation), the lowering of barriers to certain harmful information, data-privacy concerns, intellectual-property issues, harmful or biased outputs, information security (including lowered barriers to offensive cyber capability and attacks on the model itself such as prompt injection), and value-chain and component integration (third-party models, data and components whose provenance the deployer does not control). Crucially, AI 600-1 is structured as a profile: it maps suggested actions back to the Govern, Map, Measure and Manage functions, so organisations already using the AI RMF can extend their existing practice rather than adopt a separate scheme. Questions of disclosing AI-generated content connect to our wider coverage of generative-AI disclosure.

    How organisations actually use it

    Because the framework is voluntary, adoption patterns vary. Common uses include structuring an internal AI governance programme around the four functions, using the trustworthiness characteristics as a vocabulary for cross-functional discussion, and using the Generative AI Profile’s action items as a starting catalogue when assessing a new generative deployment. Some organisations also use the framework as a communication tool, mapping their existing controls onto its functions to explain their governance to boards, customers or partners in a recognised vocabulary. Others treat it as a maturity guide, revisiting the Measure and Manage functions periodically as systems and risks evolve. Organisations frequently pair the AI RMF with a certifiable management-system standard such as ISO/IEC 42001: the framework provides risk-management substance while the standard provides an auditable management structure.

    Voluntary, not regulatory

    An important distinction is that the AI RMF does not impose legal obligations. It does not certify products, and using it does not by itself demonstrate compliance with any law. That said, it is widely referenced. Some organisations align with it to support their own assurance narratives, and it is frequently cited as a touchstone in policy discussions about responsible AI in the United States. Where binding rules apply — such as the EU AI Act for systems used in the Union — the framework can inform practice but does not replace legal requirements.

    The Profile structure and why it matters

    NIST’s choice to publish AI 600-1 as a profile rather than a separate framework is a deliberate design decision with practical consequences. A profile, in NIST’s terminology, is an implementation of the framework tailored to a particular context — here, generative AI. Because each suggested action in the Generative AI Profile is tied back to one of the four core functions, an organisation does not have to reconcile two competing schemes. Instead it extends the practices it already runs, adding generative-specific considerations to its existing Govern, Map, Measure and Manage activities. This continuity lowers the adoption cost for organisations that had already begun using the AI RMF before generative systems became central to their work.

    The companion playbook and resources

    The AI RMF is accompanied by supporting resources, including a companion playbook that offers suggested actions, references and documentation prompts mapped to the framework’s subcategories. These resources are intended to be used selectively rather than wholesale: an organisation chooses the elements relevant to its context and maturity. NIST has also supported a community around the framework, reflecting its intention that the resource evolve with practice rather than remain a static document. This living-resource posture distinguishes it from a fixed compliance checklist.

    Terminology and accessibility

    NIST deliberately wrote the framework to be usable across sectors and organisation sizes, including those without dedicated AI-risk teams. Terms such as risk mapping, model lifecycle and trustworthiness characteristics recur throughout; readers new to them may find plain-language entries in our dictionary helpful when working through the documentation.

    In summary

    The NIST AI RMF offers a voluntary, function-based approach to managing AI risk, and the Generative AI Profile (AI 600-1) extends it to the specific risks of generative systems. Neither is a law or a certification, but both are widely used to structure governance and to provide shared vocabulary. The authoritative documents remain those published by NIST; this article is a neutral summary rather than advice.

  • ISO/IEC 42001: The First AI Management-System Standard

    ISO/IEC 42001 is the first international standard for an artificial-intelligence management system (AIMS). Published in December 2023 by the International Organization for Standardization and the International Electrotechnical Commission, it gives organisations a certifiable structure for governing how they develop and use AI. This article explains what the standard is, what certification means, and how it differs from the NIST AI RMF. It is informational and not legal advice.

    What a management-system standard is

    ISO/IEC 42001 belongs to the same family as well-known standards such as ISO 9001 (quality) and ISO/IEC 27001 (information security). These standards do not assess a product directly; instead they specify requirements for a management system — the policies, roles, processes and continual-improvement loops an organisation puts in place to achieve consistent outcomes. Applied to AI, the standard asks an organisation to establish, implement, maintain and continually improve a system for managing AI-related risks and opportunities. Our pillar page on ISO/IEC 42001 sets out the structure in more detail.

    What the standard requires

    Following the common high-level structure shared across modern ISO management-system standards, ISO/IEC 42001 addresses areas such as:

    • Understanding the organisation’s context and the needs of interested parties.
    • Leadership commitment and an AI policy.
    • Planning, including AI risk assessment and treatment, and an AI impact assessment.
    • Support — resources, competence, awareness and documented information.
    • Operation — operational planning and control of the AI lifecycle.
    • Performance evaluation — monitoring, internal audit and management review.
    • Improvement — corrective action and continual improvement.

    The standard also includes annexes: Annex A offers a reference set of controls and Annex B implementation guidance for them, with further annexes on AI-related objectives, risk sources and application domains. Organisations select controls based on their own risk assessment and record the selection, with justification for inclusions and exclusions, in a Statement of Applicability, mirroring the approach familiar from ISO/IEC 27001.

    What certification actually means

    Because ISO/IEC 42001 is a certifiable standard, an organisation can engage an accredited certification body to audit its AI management system against the requirements. A successful audit results in certification, signalling to customers, partners and regulators that an independently assessed management system is in place. Two clarifications matter:

    • Certification attests to the management system, not to any individual AI model being “safe” or “unbiased”. It is a statement about governance maturity, not a product guarantee.
    • Certification is voluntary and does not, by itself, establish compliance with any specific law such as the EU AI Act, though a robust management system can support an organisation’s wider compliance efforts.

    How it differs from the NIST AI RMF

    The two instruments are complementary but distinct in nature:

    • Certifiability. ISO/IEC 42001 can be independently certified; the NIST AI RMF is a voluntary framework with no certification scheme.
    • Focus. ISO/IEC 42001 centres on the management system — the organisational scaffolding for governing AI. The AI RMF centres on the substance of risk management through its Govern, Map, Measure and Manage functions.
    • Origin and reach. ISO/IEC 42001 is an international standard developed through ISO/IEC consensus processes; the AI RMF is a US framework from NIST.
    • Output. ISO/IEC 42001 yields a certificate that third parties can rely on; the AI RMF yields internal practice and shared language, with no external attestation attached.

    Neither is a regulatory requirement on its own, and adopting one does not preclude the other. Many organisations find the distinction practical rather than competitive: one tells them how to think about AI risk, the other gives them an auditable wrapper they can demonstrate to outsiders.

    In practice many organisations use both together: the AI RMF (and its generative-AI profile) to inform how they identify and treat risk, and ISO/IEC 42001 to provide an auditable structure within which that work sits.

    The AI impact assessment

    A distinctive element of ISO/IEC 42001 compared with earlier management-system standards is its explicit attention to the impact of AI systems on individuals and groups, not only on the organisation. The standard contemplates an AI impact assessment process that considers consequences for people and society — for example, fairness, safety and privacy effects — as part of planning and operation. This outward-looking dimension reflects the particular character of AI risk, where harms can fall on third parties such as customers, patients or the public rather than solely on the organisation deploying the system. It is one reason the standard is seen as more than a relabelling of existing security or quality frameworks.

    The certification process in practice

    Achieving certification typically follows the two-stage audit pattern used across ISO management-system standards. An initial stage reviews documentation and readiness; a second stage assesses whether the management system is implemented and effective in practice. Certification is then maintained through periodic surveillance audits and renewed through recertification, usually on a three-year cycle. Because the standard is risk-based, the controls an organisation selects from its annexes should follow from its own risk assessment, and an auditor examines whether those choices are justified in the Statement of Applicability and operating in practice, not whether the organisation has adopted every possible control.

    Why a management-system approach

    The appeal of a management-system standard is repeatability and accountability. By embedding AI governance into familiar plan-do-check-act machinery, organisations can integrate it with existing certifications for quality and security rather than building a parallel programme. For organisations already certified to standards such as ISO/IEC 27001, the shared high-level structure means ISO/IEC 42001 can often be layered onto existing governance rather than stood up from scratch. For readers new to terms such as management system, statement of applicability or impact assessment, our dictionary provides plain-language entries.

    In summary

    ISO/IEC 42001 is the first international AI management-system standard, offering a certifiable structure for governing AI across its lifecycle. It complements rather than replaces risk-management frameworks like the NIST AI RMF, and certification attests to governance maturity rather than product safety or legal compliance. This article is a neutral overview; organisations should consult accredited certification bodies and qualified advisers for their own circumstances.

  • Texas TRAIGA and the US State AI-Law Patchwork

    The Texas Responsible Artificial Intelligence Governance Act (TRAIGA), enacted as House Bill 149, took effect on 1 January 2026. It is one of the more comprehensive entries in a rapidly expanding patchwork of US state AI laws, in which different states regulate different aspects of AI in different ways. This article explains TRAIGA’s main features and how state approaches diverge. It is informational and not legal advice.

    What TRAIGA does

    TRAIGA establishes a framework governing the development and deployment of AI systems in Texas. Reported features include:

    • A broad definition of AI systems, covering machine-based systems that infer from inputs how to generate outputs such as content, decisions, predictions or recommendations — not only generative AI.
    • Prohibited uses, including AI developed or deployed for unlawful behavioural manipulation, certain forms of unlawful discrimination, and specified harmful content.
    • Obligations on government entities, such as disclosure to consumers that they are interacting with an AI system, and restrictions on social-scoring and certain biometric uses.
    • A duty for healthcare providers to disclose to patients where AI is used in their care.
    • A regulatory sandbox for testing AI systems and an AI advisory council to inform policy.

    Enforcement is reserved to the Texas Attorney General, with civil penalties and a 60-day cure period before an action can be brought; the law does not create a private right of action. Published legal commentary summarises the statute and its likely effects, and the bill text itself is available through the Texas Legislature.

    Scope and reach

    TRAIGA is reported to apply broadly: to those conducting business in Texas, offering products or services to Texas residents, or developing or deploying AI systems in the state. That framing can pull in out-of-state organisations whose systems reach Texas residents, a common feature of state-level technology laws. As enacted, the law was described as a pared-back version of earlier, more expansive drafts, with some of the broadest proposed duties narrowed before passage. This trajectory — an ambitious initial proposal trimmed during the legislative process — is itself characteristic of how several state AI bills have moved from introduction to law.

    The patchwork problem

    TRAIGA’s significance is amplified by its context. In the absence of a single comprehensive federal AI statute, US states have moved at different speeds and along different conceptual lines. The result is a patchwork in which the same AI system can face materially different rules depending on where it is used. Broad themes include:

    • Comprehensive risk frameworks. The Colorado AI Act (SB24-205) pioneered a developer-and-deployer model centred on algorithmic discrimination in consequential decisions, though its effective date was pushed back after enactment, from February 2026 to June 2026.
    • Targeted use-case rules. NYC Local Law 144 regulates a single use — automated employment decision tools — through mandatory bias audits and disclosure.
    • Transparency and disclosure laws. Several states have enacted measures focused on disclosing AI-generated content, chatbots or deepfakes, themes we follow under generative-AI disclosure.
    • Broad governance statutes. TRAIGA itself blends prohibited-use rules, government-specific duties, sectoral disclosure and a sandbox.

    For a structured comparison of these regimes, see our overview of US AI laws by state.

    What differs state to state

    The divergence runs along several axes. States differ on who is regulated (developers, deployers, government, specific sectors), on what triggers obligations (consequential decisions, employment screening, content generation, biometric use), on core mechanisms (impact assessments, bias audits, consumer notices, prohibited-use lists), and on enforcement (attorney-general action in most states, with some regimes, such as NYC Local Law 144, enforced by a designated agency instead). Even shared concepts like “high-risk” or “consequential decision” can carry different statutory meanings. This variability is the defining operational challenge of the patchwork.

    The sandbox and advisory council

    Two features distinguish TRAIGA from purely prohibitive approaches. The regulatory sandbox is intended to let participants develop and test AI systems under a relaxed regulatory posture, with the aim of encouraging innovation while gathering information about emerging uses. The AI advisory council is positioned to inform the legislature and state agencies on AI policy, the use of AI within government, and improvements to the sandbox. Together these reflect a model that pairs enforcement with structured experimentation and ongoing policy review — an approach that contrasts with measures focused solely on prohibitions or audits.

    Federal-state tension

    The patchwork exists against a backdrop of debate about whether AI should be governed primarily at the federal or state level. Proposals to limit or pre-empt state AI regulation have surfaced in national policy discussions, including a proposed multi-year moratorium on state AI laws that was removed from federal legislation in 2025, and the outcome of that debate would directly affect how durable individual state laws prove to be. For organisations, this adds a layer of uncertainty: the rules in force today reflect a particular moment in an unsettled allocation of authority, and the balance between state initiative and federal coordination remains an open question that could reshape the landscape.

    How organisations respond

    Faced with multiple overlapping regimes, many organisations build a governance baseline using voluntary frameworks and then layer state-specific obligations on top. The NIST AI RMF is frequently used to structure risk management, and ISO/IEC 42001 to provide an auditable management system; international comparisons are also drawn with the EU AI Act. None of these substitutes for a given state’s legal requirements, but they offer common scaffolding across jurisdictions. Readers encountering terms such as deployer, consequential decision or regulatory sandbox may find our dictionary helpful.

    In summary

    TRAIGA, effective 1 January 2026, adds a broad governance statute to a US state AI-law patchwork that already spans comprehensive risk frameworks, targeted use-case rules and transparency measures. The practical consequence is divergence: scope, triggers, mechanisms and enforcement vary by state. This article is a neutral overview, not legal advice; organisations should consult qualified counsel and the relevant statutes for their own circumstances.