AI Risk Management Framework
The AI Risk Management Framework (AI RMF) is intended for voluntary use and to improve the ability to incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products, services, and systems.
As a consensus resource, the AI RMF was developed in an open, transparent, multidisciplinary, and multistakeholder manner over an 18-month time period and in collaboration with more than 240 contributing organizations from private industry, academia, civil society, and government. Feedback received during the development of the AI RMF is publicly available on the NIST website.
-
Framing risk
Framing risk includes information on:- Understanding and Addressing Risks, Impacts, and Harms
- Challenges for AI Risk Management
-
Audience
Identifying and managing AI risks and potential impacts requires a broad set of perspectives and actors across the AI lifecycle. The Audience section describes AI actors and the AI lifecycle.
-
AI Risks and Trustworthiness
For AI systems to be trustworthy, they often need to be responsive to a multiplicity of criteria that are of value to interested parties. Approaches which enhance AI trustworthiness can reduce negative AI risks. The AI Risks and Trustworthiness section articulates the characteristics of trustworthy AI and offers guidance for addressing them.
-
Effectiveness of the AI RMF
The Effectiveness section describes expected benefits for users of the framework.
-
AI RMF Core
The AI RMF Core provides outcomes and actions that enable dialogue, understanding, and activities to manage AI risks and responsibility develop trustworthy AI systems. This is operationalized through four functions: Govern, Map, Measure, and Manage.
-
AI RMF Profiles
The use-case Profiles are implementations of the AI RMF functions, categories, and subcategories for a specific setting or application based on the requirements, risk tolerance, and resources of the Framework user.
- Appendix A: Descriptions of AI Actor Tasks
- Appendix B: How AI Risks Differ from Traditional Software Risks
- Appendix C: AI Risk Management and Human-AI Interaction
- Appendix D: Attributes of the AI RMF