NIST AI RMF 1.0 is a voluntary framework published by the National Institute of Standards and Technology for managing risks in AI systems. It defines four core functions — Govern, Map, Measure, and Manage — that provide a structured approach to identifying, assessing, and mitigating AI risks throughout the system lifecycle.
US organizations, government contractors, and enterprises seeking a structured AI risk management approach. While voluntary, NIST AI RMF is increasingly expected by regulators, customers, and partners as a baseline for responsible AI.
| Framework criterion | Brigs control(s) |
|---|---|
| Govern — Policies & Oversight | AGENT_ACTION_GATINGAGENT_PR_GATE |
| Govern — Roles & Responsibilities | AGENT_LEAST_PRIVILEGEMCP_LEAST_PRIVILEGE |
| Map — Context & Risk Identification | AGENT_TOOL_ALLOWLISTAGENT_INTER_AGENT_COMMS |
| Measure — Analysis & Monitoring | AGENT_AUDIT_LOGGINGDEPENDENCY_CVE_HYGIENE |
| Manage — Risk Response & Recovery | AGENT_CASCADING_FAILURESDEP_SUPPLY_CHAIN |
The NIST AI Risk Management Framework (AI RMF 1.0) is a voluntary framework for managing AI risks. Published in January 2023 by NIST, it provides four core functions — Govern, Map, Measure, and Manage — to help organizations identify, assess, and mitigate risks in AI systems.
NIST AI RMF is voluntary, but it is increasingly expected by federal agencies, government contractors, and enterprises. Executive Order 14110 on AI Safety references NIST standards, making alignment increasingly important for US-based organizations.
Brigs maps its agent governance controls across all four NIST AI RMF functions. Action gating and PR gates support Govern, tool allowlists support Map, audit logging supports Measure, and cascading failure controls support Manage.
Connect your repositories and get automated NIST AI RMF control evaluation in minutes.
Get Started Free