NIST AI RMF: The Four Functions Explained

The NIST AI RMF is the US framework for managing AI risk across four functions: Govern, Map, Measure, and Manage. This page defines it, explains each function, sets out the US regulatory context, and shows how it relates to ISO/IEC 42001 and the EU AI Act.

12 min read

Enterprise Guide

Last Updated on 17 Jun 2026

Key Takeaways
  • The NIST AI RMF is the voluntary US framework for managing AI risk across four functions: Govern, Map, Measure, and Manage.

  • It is voluntary, but it has become the common language US enterprises, auditors, and federal buyers use.

  • It pairs with ISO/IEC 42001 (the certifiable management system) and the EU AI Act (binding law), covering the same ground in different registers.

  • Measure and Manage are the functions most programmes cannot operate continuously, because those programmes were built on point-in-time tooling.

  • Disseqt operates Measure and Manage in production through ML-based testing, runtime enforcement, and tamper-evident evidence.

What is the NIST AI RMF?

The NIST AI RMF, or NIST AI Risk Management Framework, is a voluntary framework published by the US National Institute of Standards and Technology to help organisations identify, assess, and manage the risks of AI systems across their full lifecycle. It was released in January 2023, with a Generative AI Profile added in 2024 for the risks specific to large language models.

It is not a law and not a checklist. It is a structured way to organise AI risk work so the people building, buying, and overseeing AI share one language, built around four functions: Govern, Map, Measure, and Manage.

The framework sits close to AI risk management as a practice, inside the broader discipline of AI governance. Governance decides who is accountable and what good looks like; the NIST AI RMF gives that a shape. It is model-agnostic and sector-neutral, which is why it has spread beyond its US federal origin.

The four functions of the NIST AI RMF

The framework organises AI risk work into four functions. They are not strictly sequential: Govern runs across the other three, which cycle continuously as the system changes.

Govern

Govern sets the culture, accountability, and processes for managing AI risk: who owns a risk, what policies apply, how decisions are documented, and how the other three functions are resourced.

It is the connective function, because a measurement no one is accountable for and a control no one has signed off are not governance. They are activity. Govern turns intent into a discipline.

Map

Map establishes context and identifies the risks a specific AI system carries: what it is for, who it affects, where it could fail, and what a failure would cost. For an enterprise agent, that means naming the decisions it makes, the data and tools it touches, and the failure modes that matter: harmful output, biased decisions, prompt injection, and drift off scope. Map without Measure is a register no one tests against.

Measure

Measure analyses, assesses, and tracks the risks Map identified. It is where risk stops being a description and becomes a number: testing against known failure modes, scoring outputs, benchmarking models, and tracking how those measures change.

It is the function most programmes underdeliver on. Measuring a model once before launch is straightforward. Measuring it continuously, against fresh attack techniques while it runs in production, is far harder. A measure taken in January does not reflect the system by March.

Manage

Manage acts on what Measure found: prioritising risks, applying controls, responding to incidents, and deciding what is acceptable. It is where a measured risk becomes a guardrail, a block, or a documented decision.

It is also where evidence is produced. Every control applied and incident handled should leave a record, because that record is what an auditor asks for. A risk managed but not shown to be managed fails in practice.

The US regulatory context

The NIST AI RMF is voluntary by design. NIST is a standards body, not a regulator, so the framework carries no penalty for non-adoption. That status is often misread as meaning the framework is optional in practice. In reality it has become the reference point US oversight is converging on, because no competing US standard carries the same authority. Adopting it is rarely required by law, but being unable to show you considered it is a problem.

Federal agencies are directed to align AI use with the framework, which cascades through procurement, so a vendor selling AI into government is often expected to map its practice to the four functions.

Who uses the NIST AI RMF?

US enterprises deploying AI use it as the backbone of their internal AI risk programme, because it gives engineering, risk, and compliance teams one shared language. Financial-services firms map it alongside existing model risk management practice.

Auditors, assessors, and buyers use it as a yardstick. Answering "how do you manage AI risk?" in the language of Govern, Map, Measure, and Manage is the fastest way to be understood.

How the NIST AI RMF relates to ISO/IEC 42001 and the EU AI Act

Enterprises are measured against three reference points: the NIST AI RMF, ISO/IEC 42001, and the EU AI Act. They are not competitors. They cover the same ground in different registers, and a serious programme treats them as one obligation in three forms.

The NIST AI RMF is a voluntary US framework. It tells you how to think about AI risk through the four functions, but does not certify or bind you.

ISO/IEC 42001 is the international management-system standard for AI, and it is certifiable: an accredited body can audit your AI management system and issue a certificate. Where NIST gives you the functions, ISO/IEC 42001 gives you a structure you can be certified against.

The EU AI Act is binding law. For high-risk systems it requires a risk management system across the lifecycle (Article 9) and record-keeping that produces traceable evidence (Article 72). It does not ask whether you adopted a framework. It asks whether you operated a system and can prove it. The detail is in the EU AI Act guide.

So: NIST tells you what to do, ISO/IEC 42001 lets you certify that you do it, and the EU AI Act makes a version of it law for high-risk AI. All three now expect AI risk to be managed continuously. For the wider structure they plug into, see the AI governance framework.

Where most programmes break: Measure and Manage

Govern and Map are tractable on paper: an enterprise can write policy, name owners, and document risks in a workshop. Measure and Manage are where the framework meets the system, and where most programmes stall. Measuring AI risk continuously while a model runs in production, and managing it the moment an agent acts, are engineering problems, not documentation ones.

This is the gap Disseqt names PowerPoint Governance: a framework fully mapped and governed on paper, with nothing connecting it to the systems making decisions. It satisfies Govern and Map but cannot operate Measure and Manage, because point-in-time tooling cannot keep pace with systems that drift, act autonomously, and face new vulnerabilities daily. The honest standard for both is continuous: you find the failure in private, before someone finds it in public.

How Disseqt operates Measure and Manage

Disseqt is the only unified assurance platform that covers testing, monitoring, policy, audit, and compliance in one place, so buyers do not have to stitch point tools together to operate the two hardest functions.

For Measure, Disseqt ships 65 ML-based validators across four families covering safety, bias, security, and compliance failure modes, plus 84 jailbreak techniques drawn from a Live Vulnerability Database and cross-LLM benchmarking. Because the validators are ML-based, not LLM-as-judge, they run at sub-50ms inline latency with around 99 percent less water and around 98 percent less CO2 per validation. That makes continuous measurement viable at production scale, the part most tools cannot deliver. This is Test and Detect.

For Manage, runtime guardrails score live output, enforce policy on every agent decision, and detect topic-adherence drift, with explainability on every blocked action. This is Protect and Enforce: the control runs the moment the system acts.

Both functions produce evidence by default. Every test, block, and escalation lands in a tamper-evident audit trail mapped to NIST AI RMF functions, EU AI Act articles, and FCA, SEC, and ISO/IEC 42001 alignment. This is Prove and Comply, which turns Manage into something an auditor will accept. Regulated customers, including tier-one UK, Irish, and US banks, run the framework continuously this way. [PROOF PLACEHOLDER]
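A minimal illustration of the evidence record that Manage is expected to leave behind (described above under Manage and again here): each entry is tagged with the NIST AI RMF function it belongs to and chained by SHA-256 to the previous entry, so an after-the-fact edit to any record breaks verification. This is added example code for this page, not Disseqt's implementation; the record fields, the chaining scheme, the function-name check and the sample events are assumptions made for the example.

```python
"""Hash-chained evidence log tagged to NIST AI RMF functions.

Added illustration, not Disseqt's code. The record layout, the SHA-256
chaining scheme and the constructed sample events are assumptions.
"""
import hashlib
import json

NIST_FUNCTIONS = {"Govern", "Map", "Measure", "Manage"}
GENESIS = "0" * 64  # anchor hash for the first entry in the chain


def _entry_hash(prev_hash: str, record: dict) -> str:
    # Canonical JSON so the same record always hashes to the same value.
    payload = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


class EvidenceLog:
    """Append-only log in which every entry commits to the previous entry's hash."""

    def __init__(self) -> None:
        self.entries: list[dict] = []

    def append(self, function: str, event: str, detail: dict, ts: str) -> str:
        if function not in NIST_FUNCTIONS:
            raise ValueError(f"unknown NIST AI RMF function: {function}")
        record = {"function": function, "event": event, "detail": detail, "ts": ts}
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        digest = _entry_hash(prev, record)
        self.entries.append({"record": record, "prev": prev, "hash": digest})
        return digest

    def verify(self) -> int:
        """Return -1 if the chain is intact, else the index of the first bad entry."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            if entry["prev"] != prev or _entry_hash(prev, entry["record"]) != entry["hash"]:
                return i
            prev = entry["hash"]
        return -1

    def by_function(self, function: str) -> list[dict]:
        """The records an auditor would ask for under one framework function."""
        return [e["record"] for e in self.entries if e["record"]["function"] == function]


def build_sample_log() -> EvidenceLog:
    """Constructed sample: one Measure finding and the two Manage actions taken on it."""
    log = EvidenceLog()
    log.append("Measure", "validator_flag",
               {"validator": "prompt_injection", "score": 0.91, "request_id": "req-0001"},
               "2026-03-01T10:00:00Z")
    log.append("Manage", "output_blocked",
               {"request_id": "req-0001", "policy": "no-tool-call-from-untrusted-content"},
               "2026-03-01T10:00:00Z")
    log.append("Manage", "incident_closed",
               {"request_id": "req-0001", "owner": "ai-risk-lead",
                "decision": "risk accepted, guardrail kept"},
               "2026-03-02T09:30:00Z")
    return log


def first_broken_entry_after_edit() -> int:
    """Detection check: silently rewrite the block decision, then re-verify the chain."""
    log = build_sample_log()
    log.entries[1]["record"]["event"] = "output_allowed"  # simulated after-the-fact edit
    return log.verify()


if __name__ == "__main__":
    sample = build_sample_log()
    print("intact chain verify() ->", sample.verify())                       # -1
    print("Manage records:", len(sample.by_function("Manage")))              # 2
    print("first broken entry after edit ->", first_broken_entry_after_edit())  # 1
```

The point of the chain is not secrecy but linkage: a record can still be deleted or rewritten by whoever holds the log, but the verification walk will stop at the first entry whose stored hash no longer matches, which is the property an auditor relies on when the log is the proof that Manage actually ran. In a real deployment the head hash would be anchored somewhere the log writer cannot alter (a write-once store or a periodic signed checkpoint), which this example leaves out.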

Frequently asked questions

What is the NIST AI RMF?

The NIST AI RMF is the NIST AI Risk Management Framework, a voluntary US framework from the National Institute of Standards and Technology that helps organisations identify, assess, and manage AI risk across the lifecycle. It organises that work into four functions: Govern, Map, Measure, and Manage. It was released in January 2023, with a Generative AI Profile added in 2024.

What are the four functions of the NIST AI RMF?

Govern, Map, Measure, and Manage. Govern sets culture, accountability, and policy and runs across the other three. Map identifies the risks a system carries, Measure analyses and tracks them, and Manage acts on them through controls and documented decisions.

Is the NIST AI RMF mandatory?

No. It is voluntary and carries no penalty for non-adoption, but it has become the de facto US reference for managing AI risk. Federal alignment cascades to contractors and suppliers, so being unable to show you considered it is a problem.

How does the NIST AI RMF relate to ISO/IEC 42001 and the EU AI Act?

The NIST AI RMF gives you the four functions but does not certify or bind you. ISO/IEC 42001 is the certifiable management-system standard an accredited body can audit against. The EU AI Act is binding law that, for high-risk systems, requires a lifecycle risk management system (Article 9) and traceable record-keeping (Article 72).

Which NIST AI RMF functions are hardest to operate?

Measure and Manage. Govern and Map can be done on paper. Measure means testing AI risk continuously while a system runs in production, and Manage means acting on it the moment the system makes a decision. Both are engineering problems point-in-time tooling cannot solve.

Bottom line

The NIST AI RMF is the framework US enterprises cite most and operate least, because Measure and Manage demand continuous testing and real-time control on systems that drift and act on their own. Disseqt is the Assurance Layer built to operate those two functions in one platform, with evidence mapped to NIST, ISO/IEC 42001, and the EU AI Act that regulators accept. To see it on your systems, book a demo.

See Disseqt in action
Book a 30-minute walkthrough

Our team will walk you through a live workflow using your own AI environment. No slides. No generic demo. A real walkthrough of how Disseqt fits into your stack.
