Tag: NIST AI RMF

  • NIST AI RMF & the Generative AI Profile Explained

    The NIST AI Risk Management Framework (AI RMF) is a voluntary framework published by the United States’ National Institute of Standards and Technology to help organisations manage risks associated with artificial intelligence. In 2024 NIST added a companion Generative AI Profile, catalogued as NIST AI 600-1, tailoring the framework to generative systems. This article explains what they are and how organisations use them. It is informational and not legal advice.

    What the AI RMF is

    Released in its first version in January 2023, the AI RMF is a non-binding, sector-agnostic resource. Rather than prescribing controls, it offers a structured way to think about trustworthy AI. NIST describes characteristics of trustworthy AI systems — including that they should be valid and reliable, safe, secure and resilient, accountable and transparent, explainable and interpretable, privacy-enhanced, and fair with harmful bias managed. The framework’s authoritative materials are published on nist.gov. For a fuller treatment see our pillar page on the NIST AI RMF.

    The four core functions

    The heart of the framework is its Core, organised into four functions that operate continuously rather than as a one-off checklist:

    • Govern — cultivating a culture of risk management, with policies, roles and accountability that cut across the other functions.
    • Map — establishing context and identifying risks associated with an AI system and its intended use.
    • Measure — analysing, assessing and tracking identified risks using quantitative and qualitative methods.
    • Manage — prioritising and acting on risks, allocating resources and monitoring over time.

    These functions are intended to be revisited iteratively across an AI system’s lifecycle.

    The Generative AI Profile (AI 600-1)

The Generative AI Profile responds to risks that are distinctive to, or amplified by, generative models. It identifies a set of risk areas — for example, the potential for systems to produce false or misleading content (commonly described as confabulation), the lowering of barriers to certain harmful information, data-privacy concerns, intellectual-property issues, and risks relating to harmful or biased outputs. Crucially, AI 600-1 is structured as a profile: it maps suggested actions back to the Govern, Map, Measure and Manage functions, so organisations already using the AI RMF can extend their existing practice rather than adopt a separate scheme. Questions of disclosing AI-generated content connect to our wider coverage of generative-AI disclosure.

    How organisations actually use it

    Because the framework is voluntary, adoption patterns vary. Common uses include structuring an internal AI governance programme around the four functions, using the trustworthiness characteristics as a vocabulary for cross-functional discussion, and using the Generative AI Profile’s action items as a starting catalogue when assessing a new generative deployment. Some organisations also use the framework as a communication tool, mapping their existing controls onto its functions to explain their governance to boards, customers or partners in a recognised vocabulary. Others treat it as a maturity guide, revisiting the Measure and Manage functions periodically as systems and risks evolve. Organisations frequently pair the AI RMF with a certifiable management-system standard such as ISO/IEC 42001: the framework provides risk-management substance while the standard provides an auditable management structure.

    Voluntary, not regulatory

    An important distinction is that the AI RMF does not impose legal obligations. It does not certify products, and using it does not by itself demonstrate compliance with any law. That said, it is widely referenced. Some organisations align with it to support their own assurance narratives, and it is frequently cited as a touchstone in policy discussions about responsible AI in the United States. Where binding rules apply — such as the EU AI Act for systems used in the Union — the framework can inform practice but does not replace legal requirements.

    The Profile structure and why it matters

    NIST’s choice to publish AI 600-1 as a profile rather than a separate framework is a deliberate design decision with practical consequences. A profile, in NIST’s terminology, is an implementation of the framework tailored to a particular context — here, generative AI. Because each suggested action in the Generative AI Profile is tied back to one of the four core functions, an organisation does not have to reconcile two competing schemes. Instead it extends the practices it already runs, adding generative-specific considerations to its existing Govern, Map, Measure and Manage activities. This continuity lowers the adoption cost for organisations that had already begun using the AI RMF before generative systems became central to their work.

    The companion playbook and resources

    The AI RMF is accompanied by supporting resources, including a companion playbook that offers suggested actions, references and documentation prompts mapped to the framework’s subcategories. These resources are intended to be used selectively rather than wholesale: an organisation chooses the elements relevant to its context and maturity. NIST has also supported a community around the framework, reflecting its intention that the resource evolve with practice rather than remain a static document. This living-resource posture distinguishes it from a fixed compliance checklist.

    Terminology and accessibility

    NIST deliberately wrote the framework to be usable across sectors and organisation sizes, including those without dedicated AI-risk teams. Terms such as risk mapping, model lifecycle and trustworthiness characteristics recur throughout; readers new to them may find plain-language entries in our dictionary helpful when working through the documentation.

    In summary

    The NIST AI RMF offers a voluntary, function-based approach to managing AI risk, and the Generative AI Profile (AI 600-1) extends it to the specific risks of generative systems. Neither is a law or a certification, but both are widely used to structure governance and to provide shared vocabulary. The authoritative documents remain those published by NIST; this article is a neutral summary rather than advice.

  • ISO/IEC 42001: The First AI Management-System Standard

    ISO/IEC 42001 is the first international standard for an artificial-intelligence management system (AIMS). Published in December 2023 by the International Organization for Standardization and the International Electrotechnical Commission, it gives organisations a certifiable structure for governing how they develop and use AI. This article explains what the standard is, what certification means, and how it differs from the NIST AI RMF. It is informational and not legal advice.

    What a management-system standard is

    ISO/IEC 42001 belongs to the same family as well-known standards such as ISO 9001 (quality) and ISO/IEC 27001 (information security). These standards do not assess a product directly; instead they specify requirements for a management system — the policies, roles, processes and continual-improvement loops an organisation puts in place to achieve consistent outcomes. Applied to AI, the standard asks an organisation to establish, implement, maintain and continually improve a system for managing AI-related risks and opportunities. Our pillar page on ISO/IEC 42001 sets out the structure in more detail.

    What the standard requires

    Following the common high-level structure shared across modern ISO management-system standards, ISO/IEC 42001 addresses areas such as:

    • Understanding the organisation’s context and the needs of interested parties.
    • Leadership commitment and an AI policy.
    • Planning, including AI risk assessment and treatment, and an AI impact assessment.
    • Support — resources, competence, awareness and documented information.
    • Operation — operational planning and control of the AI lifecycle.
    • Performance evaluation — monitoring, internal audit and management review.
    • Improvement — corrective action and continual improvement.

    The standard also includes annexes offering a reference set of controls and implementation guidance that organisations can select from based on their risk assessment.

    What certification actually means

    Because ISO/IEC 42001 is a certifiable standard, an organisation can engage an accredited certification body to audit its AI management system against the requirements. A successful audit results in certification, signalling to customers, partners and regulators that an independently assessed management system is in place. Two clarifications matter:

    • Certification attests to the management system, not to any individual AI model being “safe” or “unbiased”. It is a statement about governance maturity, not a product guarantee.
    • Certification is voluntary and does not, by itself, establish compliance with any specific law such as the EU AI Act, though a robust management system can support an organisation’s wider compliance efforts.

    How it differs from the NIST AI RMF

    The two instruments are complementary but distinct in nature:

    • Certifiability. ISO/IEC 42001 can be independently certified; the NIST AI RMF is a voluntary framework with no certification scheme.
    • Focus. ISO/IEC 42001 centres on the management system — the organisational scaffolding for governing AI. The AI RMF centres on the substance of risk management through its Govern, Map, Measure and Manage functions.
    • Origin and reach. ISO/IEC 42001 is an international standard developed through ISO/IEC consensus processes; the AI RMF is a US framework from NIST.
    • Output. ISO/IEC 42001 yields a certificate that third parties can rely on; the AI RMF yields internal practice and shared language, with no external attestation attached.

    Neither is a regulatory requirement on its own, and adopting one does not preclude the other. Many organisations find the distinction practical rather than competitive: one tells them how to think about AI risk, the other gives them an auditable wrapper they can demonstrate to outsiders.

    In practice many organisations use both together: the AI RMF (and its generative-AI profile) to inform how they identify and treat risk, and ISO/IEC 42001 to provide an auditable structure within which that work sits.

    The AI impact assessment

    A distinctive element of ISO/IEC 42001 compared with earlier management-system standards is its explicit attention to the impact of AI systems on individuals and groups, not only on the organisation. The standard contemplates an AI impact assessment process that considers consequences for people and society — for example, fairness, safety and privacy effects — as part of planning and operation. This outward-looking dimension reflects the particular character of AI risk, where harms can fall on third parties such as customers, patients or the public rather than solely on the organisation deploying the system. It is one reason the standard is seen as more than a relabelling of existing security or quality frameworks.

    The certification process in practice

    Achieving certification typically follows a familiar two-stage audit pattern used across ISO management-system standards. An initial stage reviews documentation and readiness; a second stage assesses whether the management system is implemented and effective in practice. Certification is then maintained through periodic surveillance audits and renewed through recertification over a multi-year cycle. Because the standard is risk-based, the controls an organisation selects from its annexes should follow from its own risk assessment, and an auditor examines whether those choices are justified and operating — not whether the organisation has adopted every possible control.

    Why a management-system approach

    The appeal of a management-system standard is repeatability and accountability. By embedding AI governance into familiar plan-do-check-act machinery, organisations can integrate it with existing certifications for quality and security rather than building a parallel programme. For organisations already certified to standards such as ISO/IEC 27001, the shared high-level structure means ISO/IEC 42001 can often be layered onto existing governance rather than stood up from scratch. For readers new to terms such as management system, statement of applicability or impact assessment, our dictionary provides plain-language entries.

    In summary

    ISO/IEC 42001 is the first international AI management-system standard, offering a certifiable structure for governing AI across its lifecycle. It complements rather than replaces risk-management frameworks like the NIST AI RMF, and certification attests to governance maturity rather than product safety or legal compliance. This article is a neutral overview; organisations should consult accredited certification bodies and qualified advisers for their own circumstances.