NIST AI Risk Management Framework (AI RMF 1.0)

United States (Voluntary)

In Effect (voluntary framework) us-federalvoluntaryframeworkde-facto-standard

Overview

JurisdictionUnited States (Voluntary)
StatusIn Effect (voluntary framework)
Signed DateJan 26, 2023
Effective DateJan 26, 2023
Enforcement BodyNIST (no enforcement — guidance only)
Affected EntitiesAny organization developing or deploying AI (voluntary)

Scope

Voluntary framework for managing AI risks. Widely adopted as de facto standard by US agencies and companies.

Key Requirements

  • Govern: Establish culture and governance structures for AI risk
  • Map: Contextualize AI systems and their risks
  • Measure: Assess, analyze, and track AI risks
  • Manage: Prioritize and act on risks

Penalties

None — voluntary framework

Sources

Key Dates & Deadlines

  • Jan 26, 2023
    Framework published
    In Effect
  • Jul 2, 2024
    Generative AI Profile published
    In Effect

At a Glance

Status: In Effect (voluntary framework)
Effective: Jan 26, 2023
Enforcement: NIST (no enforcement — guidance only)