NIST AI Risk Management Framework
Comprehensive coverage of the NIST AI RMF 1.0 (January 2023) — the U.S. government's voluntary framework for managing AI risks across the AI lifecycle. Covers all four core functions: Govern, Map, Measure, and Manage.
Govern, Map, Measure, and Manage. Govern is the cross-cutting function that informs and is informed by the other three. It establishes the organizational policies, roles, accountability structures, and culture necessary for effective AI risk management.
1) Valid and Reliable, 2) Safe, 3) Secure and Resilient, 4) Accountable and Transparent, 5) Explainable and Interpretable, 6) Privacy-Enhanced, and 7) Fair — with Harmful Bias Managed. These characteristics are interrelated and may involve trade-offs.
Profiles are tailored implementations of the framework for specific use cases, sectors, or applications. They help organizations prioritize which parts of the Core to implement. Current Profiles document existing practices; Target Profiles define the desired future state. The gap analysis between them drives the risk management improvement roadmap.
The Generative AI Profile (July 2024) addresses 12 unique risk categories specific to foundation models and generative AI: CBRN information, confabulation, data privacy, environmental impact, harmful bias/homogenization, human-AI configuration, information integrity, information security, intellectual property, obscene/degrading content, toxic content, and value chain/component integration.
They refer to the same phenomenon — AI generating false information presented as fact. However, NIST officially uses the term 'confabulation' in the Generative AI Profile rather than the colloquial term 'hallucination.' Exam questions may test this terminology distinction.
Executive Order 14110 (October 2023) on Safe, Secure, and Trustworthy AI references the NIST AI RMF extensively and directs federal agencies to use it. However, the AI RMF itself remains voluntary for private sector organizations. The EO effectively makes it a de facto standard for government AI systems while encouraging broader adoption.
The first step is establishing governance structures (the GOVERN function): assigning an AI risk management lead, forming cross-functional teams, defining risk tolerances, and securing executive buy-in. This comes first because you cannot effectively MAP, MEASURE, or MANAGE risks without organizational policies, accountability, and resources in place.
MEASURE goes beyond traditional functional testing to include AI-specific methods: adversarial testing (red-teaming), fairness testing across demographic groups, robustness testing against distribution shift, explainability scoring, and continuous post-deployment monitoring for model drift. It uses quantitative, qualitative, or mixed methods and tracks risks over time rather than being a one-time pass/fail check.