---
id: framework:nist-ai-rmf
type: framework
title: NIST AI Risk Management Framework
status: active
confidence: 0.5
sources:
  - 2026-05-09-cybersec-library-overview.md
  - 2026-05-09-cybersec-attack-coverage.md
created: 2026-05-09
updated: 2026-05-09
updated_log:
  - 2026-05-09: created
tiers: semantic
half_life_days: 180
tags: [framework, nist-ai-rmf, ai-risk, governance]
---

# NIST AI Risk Management Framework

## Summary

The [NIST AI Risk Management Framework](https://airc.nist.gov/AI_RMF) (AI RMF 1.0) defines four core functions for trustworthy AI development: **Govern, Map, Measure, Manage**. The GenAI Profile (AI 600-1, July 2024) extends it with risk categories specific to generative AI — confabulation, prompt injection, supply chain risks, etc. The [[concept:cybersec-skill-library]] tags AI-relevant skills with `nist_ai_rmf` subcategories to anchor each skill's AI-risk story. AI RMF mappings carry direct regulatory weight: Colorado's AI Act (effective February 2026) provides a legal safe harbor for organizations complying with NIST AI RMF.

> **Source-coverage caveat:** AI RMF gets one paragraph in our raw sources (the library README's framework deep-dive) plus brief coverage notes in ATTACK_COVERAGE.md. Treat detailed claims with low confidence.

## Claims

- NIST AI RMF 1.0 defines 4 core functions — Govern, Map, Measure, Manage — with **72 subcategories** for trustworthy AI development. `[src: raw/2026-05-09-cybersec-library-overview.md] {conf: 0.6}`
- The GenAI Profile (AI 600-1, July 2024) adds **12 risk categories** specific to generative AI — including confabulation, data privacy, prompt injection, and supply chain risks. `[src: raw/2026-05-09-cybersec-library-overview.md] {conf: 0.6}`
- Colorado's AI Act (effective February 2026) provides a **legal safe harbor** for organizations complying with NIST AI RMF — making these mappings directly relevant to regulatory compliance, not just best practice. `[src: raw/2026-05-09-cybersec-library-overview.md] {conf: 0.55}`
- The library currently maps **85 skills** to NIST AI RMF subcategories. Coverage spans all 4 core functions: GOVERN-1.1/6.1/6.2, MAP-5.1/5.2/1.6, MEASURE-2.5/2.7/2.8/2.11, MANAGE-2.4/3.1. GenAI-specific subcategories applied include GOVERN-6.1 and 6.2 (responsible deployment policies). `[src: raw/2026-05-09-cybersec-attack-coverage.md] {conf: 0.7}`
- Skills with AI/ML relevance carry the `nist_ai_rmf` frontmatter field — e.g. `building-cloud-siem-with-sentinel` declares `nist_ai_rmf: [MEASURE-2.7, MAP-5.1, MANAGE-2.4]`. `[src: raw/2026-05-09-cybersec-attack-coverage.md] {conf: 0.7}`
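
A tag linter for the `nist_ai_rmf` field described in the last two claims, added here as an example (it is not code from the library). It assumes the inline-list form shown above and an ID pattern of `FUNCTION-n.m` inferred from the IDs on this page; `example-skill-a` and `example-skill-b` are constructed inputs, and `PAGE_LISTED` holds only the subcategories this page names, not the full AI RMF set.

```python
import re

FUNCTIONS = ("GOVERN", "MAP", "MEASURE", "MANAGE")
# Assumed ID shape, inferred from the IDs quoted on this page (e.g. MEASURE-2.11).
TAG_RE = re.compile(r"^(GOVERN|MAP|MEASURE|MANAGE)-\d+\.\d+$")
FIELD_RE = re.compile(r"^nist_ai_rmf:\s*\[(.*?)\]\s*$", re.MULTILINE)

# Subcategories this page lists as applied in the library.
PAGE_LISTED = {
    "GOVERN-1.1", "GOVERN-6.1", "GOVERN-6.2",
    "MAP-1.6", "MAP-5.1", "MAP-5.2",
    "MEASURE-2.5", "MEASURE-2.7", "MEASURE-2.8", "MEASURE-2.11",
    "MANAGE-2.4", "MANAGE-3.1",
}

SKILLS = {
    # Declared tags as quoted on this page.
    "building-cloud-siem-with-sentinel": "nist_ai_rmf: [MEASURE-2.7, MAP-5.1, MANAGE-2.4]",
    # Constructed inputs: one wrong-case tag, one well-formed but unlisted tag.
    "example-skill-a": "title: demo\nnist_ai_rmf: [GOVERN-6.1, measure-2.7, MAP-9.9]",
    "example-skill-b": "title: no AI tags",
}

def parse_tags(frontmatter):
    """Return the raw entries of an inline `nist_ai_rmf: [...]` list, or []."""
    m = FIELD_RE.search(frontmatter)
    if not m:
        return []
    return [t.strip().strip("'\"") for t in m.group(1).split(",") if t.strip()]

def lint_skill(frontmatter):
    """Sort tags into ok, unlisted (well-formed, not named on this page), malformed."""
    report = {"ok": [], "unlisted": [], "malformed": []}
    for tag in parse_tags(frontmatter):
        if not TAG_RE.match(tag):
            report["malformed"].append(tag)
        else:
            report["ok" if tag in PAGE_LISTED else "unlisted"].append(tag)
    return report

def function_coverage(skills):
    """Map each core function to the skills carrying a well-formed tag for it."""
    cov = {f: [] for f in FUNCTIONS}
    for name, fm in skills.items():
        seen = {t.split("-")[0] for t in parse_tags(fm) if TAG_RE.match(t)}
        for f in FUNCTIONS:
            if f in seen:
                cov[f].append(name)
    return cov
```

An empty list under any function in `function_coverage` output would contradict the claim that coverage spans all four functions; `unlisted` entries are candidates for checking against the official subcategory list once it is available in a raw source.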

## Relationships

- complements → [[framework:mitre-atlas]] `{conf: 0.65}`
- complements → [[framework:nist-csf-20]] `{conf: 0.7}`
- maps-to → [[concept:cybersec-skill-library]] `{conf: 0.6}`

## Open questions

- [ ] **Source-coverage gap:** Library overview README + ATTACK_COVERAGE coverage paragraph are the only AI RMF sources; we lack `mappings/nist-ai-rmf/README.md`. The 72 subcategories and 12 GenAI risk categories aren't enumerated in any raw file.
- [ ] How does the GenAI Profile interplay with [[framework:mitre-atlas]] in the library — are the same skills tagged in both, or are they treated as distinct concerns?

## Changelog

- 2026-05-09 — created
