top of page
Search

Govern Before You Build: A Plain-Language Guide to the NIST AI Risk Management Framework

Introduction

The NIST AI Risk Management Framework exists to fix a specific problem: the people who understand AI technology can't always explain the risk, and the people who understand the risk don't always understand the technology. Released in January 2023, the AI RMF is a governance framework — a structured way for organizations to think about, talk about, and act on AI risks.

The Four Functions

GOVERN is the foundation — structures, policies, roles, and culture. MAP identifies and contextualizes risks. MEASURE evaluates their severity and monitors performance. MANAGE makes decisions: mitigate, transfer, accept, or avoid risk. These operate as an ongoing cycle, not a one-time checklist.

The Generative AI Extension

In July 2024, NIST released the Generative AI Profile (NIST AI 600-1), addressing the distinctive risks of large language models: hallucination, data poisoning, bias amplification, privacy leakage, and misuse. For communicators and public affairs professionals whose work involves creating or curating information, this profile is directly relevant.

Why Voluntary Frameworks Matter

Organizations that engage seriously with the AI RMF find it surfaces real leadership questions: Who is accountable for this system? What happens if it makes an error? How do we know it's working as intended? In an environment where regulatory requirements for AI are still developing, voluntary frameworks offer stability — hard-won consensus about responsible AI, built outside political pressures.

Closing Reflection

GOVERN, MAP, MEASURE, MANAGE — in that order, continuously, with accountability. That's not a technical framework. That's a description of organizational maturity.

Sources

NIST. AI Risk Management Framework. https://www.nist.gov/itl/ai-risk-management-framework

NIST. Artificial Intelligence Risk Management Framework (AI RMF 1.0). January 26, 2023. https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-1.pdf

NIST. NIST AI 600-1: AI Risk Management Framework: Generative AI Profile. July 26, 2024. https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.600-1.pdf

NIST AI Resource Center. NIST AI RMF Playbook. https://airc.nist.gov/airmf-resources/playbook/

Comments

©2024 by Theoplis Stewart II.

bottom of page