1.3 — AI RMF Profiles and Use Cases
NIST AI RMF Profiles are implementations of the framework tailored to specific use cases, sectors, or applications. Profiles help organizations prioritize which parts of the Core to implement based on their specific context. A Profile is essentially a selection and prioritization of the Core's subcategories relevant to a particular scenario.
A Generative AI Profile (NIST AI 600-1) was released in July 2024, addressing risks unique to foundation models and generative AI systems, including confabulation (hallucinations), data poisoning, prompt injection, CSAM generation, environmental costs, and intellectual property concerns. This profile defines 12 distinct risk categories and maps each of them to the four core functions.
| # | Risk Category | Description |
|---|---|---|
| 1 | CBRN Information | Risk of AI generating chemical, biological, radiological, or nuclear weapons information |
| 2 | Confabulation | AI generating false information presented as fact (hallucinations) |
| 3 | Data Privacy | Exposure or misuse of personal/sensitive data during training or inference |
| 4 | Environmental Impact | Energy consumption, carbon footprint, and resource usage of large models |
| 5 | Harmful Bias / Homogenization | Amplification of societal biases; reduction of information diversity |
| 6 | Human-AI Configuration | Risks from improper human-AI interaction design (over-reliance, automation bias) |
| 7 | Information Integrity | Risks to the broader information ecosystem (deepfakes, misinformation at scale) |
| 8 | Information Security | Prompt injection, data poisoning, model extraction, adversarial attacks |
| 9 | Intellectual Property | Training on copyrighted data; generating infringing content |
| 10 | Obscene / Degrading Content | Generation of CSAM, non-consensual intimate imagery, or degrading material |
| 11 | Toxic Content | Generation of hate speech, violent content, or discriminatory language |
| 12 | Value Chain / Component Integration | Risks from third-party models, APIs, datasets, and supply chain dependencies |
Exam questions frequently ask you to identify or categorize risks according to the Generative AI Profile. Memorize all 12 categories. A common trick: 'hallucination' is officially called 'confabulation' in the NIST GenAI Profile. Also note that 'information security' covers prompt injection — a frequently tested topic.
Organizations can create Current Profiles (documenting existing practices) and Target Profiles (desired future state) to identify gaps and plan improvements. The gap analysis between Current and Target Profiles drives the risk management roadmap.
1. **Current Profile.** Document which subcategories of the Core your organization currently addresses, and to what extent. Assess the maturity of each practice against the Playbook's suggested actions.
2. **Gap analysis.** Compare current practices against the full set of Core subcategories relevant to your use case. Identify areas where practices are absent, informal, or insufficient. Prioritize gaps by risk impact.
3. **Target Profile.** Select and prioritize the Core subcategories you want to achieve. Set specific, measurable targets for each subcategory. Align targets with organizational risk tolerances, regulatory requirements, and stakeholder expectations.
4. **Roadmap.** Develop an actionable plan to close gaps between Current and Target Profiles. Assign ownership, allocate resources, set timelines, and establish milestones. Review and update the roadmap regularly.
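The Current-to-Target gap analysis described above, as an added Python example (not NIST's tooling or part of the original page): the subcategory IDs follow the Core's GOVERN/MAP/MEASURE/MANAGE naming, but the maturity scale, the impact weights and the mapping of each subcategory to a GenAI Profile risk category are constructed sample data.

```python
from dataclasses import dataclass

# Maturity scale (constructed): 0 = absent, 1 = informal, 2 = partial, 3 = implemented
ABSENT, INFORMAL, PARTIAL, IMPLEMENTED = 0, 1, 2, 3


@dataclass
class Gap:
    subcategory: str
    risk_category: str   # GenAI Profile risk category the subcategory is tracked under
    current: int         # maturity today (Current Profile)
    target: int          # maturity wanted (Target Profile)
    impact: int          # 1 (low) .. 5 (severe): risk impact if the gap stays open

    @property
    def priority(self) -> int:
        # Larger distance to target and higher impact both raise priority.
        return (self.target - self.current) * self.impact


# Current Profile: what the organization does today (constructed sample data).
CURRENT_PROFILE = {
    "GOVERN 1.1": IMPLEMENTED,
    "MAP 5.1": INFORMAL,
    "MEASURE 2.7": ABSENT,
    "MANAGE 3.1": PARTIAL,
}

# Target Profile: desired maturity, impact weight, and the risk category
# each subcategory is tracked under (constructed sample mapping).
TARGET_PROFILE = {
    "GOVERN 1.1": (IMPLEMENTED, 3, "Data Privacy"),
    "MAP 5.1": (IMPLEMENTED, 4, "Information Integrity"),
    "MEASURE 2.7": (IMPLEMENTED, 5, "Information Security"),
    "MANAGE 3.1": (IMPLEMENTED, 4, "Value Chain / Component Integration"),
    "MEASURE 2.6": (PARTIAL, 2, "Environmental Impact"),  # not in Current Profile at all
}


def gap_analysis(current: dict, target: dict) -> list[Gap]:
    """Return open gaps (target above current), highest priority first.
    A subcategory absent from the Current Profile is treated as maturity 0."""
    gaps = [Gap(sub, risk, current.get(sub, ABSENT), level, impact)
            for sub, (level, impact, risk) in target.items()
            if current.get(sub, ABSENT) < level]
    return sorted(gaps, key=lambda g: (-g.priority, g.subcategory))


def roadmap(gaps: list[Gap]) -> list[str]:
    """One roadmap line per open gap, in the order work should be scheduled."""
    return [f"P{g.priority:>2} {g.subcategory:<12} {g.current}->{g.target} [{g.risk_category}]"
            for g in gaps]


if __name__ == "__main__":
    for line in roadmap(gap_analysis(CURRENT_PROFILE, TARGET_PROFILE)):
        print(line)
```

Subcategories already at target (GOVERN 1.1 here) drop out of the roadmap, while subcategories present only in the Target Profile surface as absent practices.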