U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology Laboratory

AI Risk Management Framework

AI Risk Management Framework FAQs

Share

  1. What is the AI Risk Management Framework (AI RMF)?

    The Framework is intended to help developers,users and evaluators of AI systems better manage AI risks which could affect individuals, organizations, or society. It aims to foster the development of innovative approaches to address characteristics of trustworthiness including accuracy, explainability and interpretability, reliability, privacy, robustness, safety, security (resilience), and mitigation of unintended and/or harmful bias or harmful uses. The Framework should consider and encompass principles such as transparency, accountability, and fairness during pre-design, design and development, deployment, use, and test and evaluation of AI technologies and systems. These characteristics and principles are generally considered as contributing to the trustworthiness of AI technologies and systems, products, and services.
     
  2. Why is NIST developing the Framework?

    NIST aims to cultivate trust in the design, development, use, and evaluation of AI technologies and systems in ways that enhance economic security and improve quality of life. The agency’s work on an AI RMF is consistent with recommendations by the National Security Commission on Artificial Intelligence and the Plan for Federal Engagement in Developing AI Technical Standards and Related Tools. Congress has directed NIST to collaborate with the private and public sectors to develop a voluntary AI RMF.
     
  3. For whom is the Framework intended?

    It should be useful for those who design, develop, use, or evaluate AI technologies. It will use language that is understandable by a broad audience, including senior executives and those who are not AI professionals, while still of sufficient technical depth to be useful to practitioners across many domains. The Framework should be scalable to organizations of all sizes, public or private, in any sector, and operating within or across domestic borders.
     
  4. Will private or public sector organizations be required to use the Framework?

    No. NIST is producing this as a voluntary Framework.
     
  5. How is the Framework being developed and what’s the timeframe?

    NIST is soliciting input from all interested stakeholders. It will be consensus-driven and developed and updated through an open, transparent, and collaborative process. NIST has a long track record of successfully and collaboratively working with others to develop standards and guidelines. NIST will model its approach in the same way that it used to develop other frameworks.

    NIST released a draft AI RMF on March 17th with comments due by April 29, 2022. Discussions about the draft will take place during a NIST workshop March 29-31, 2022. A second draft will be released, and another workshop held, in the Summer/Fall of 2022 with AMF 1.0 released by early 2023.
     

  6. Will NIST provide additional guidance to help with using the AI RMF?

    Yes. NIST is producing a companion Practice Guide to assist in adopting the AI RMF. Comments on the draft AI RMF will be taken into account as the Practice Guide is developed.

    It will reside online only and will be updated regularly with contributions expected to come from many stakeholders. The Guide will be part of a NIST AI Resource Center that is being established. NIST already has published a variety of documents and carries out measurement and evaluation projects which inform AI risk management. See: https://www.nist.gov/artificial-intelligence

     
  7. Will the AI RMF relate to other NIST frameworks on cybersecurity and privacy?

    Stakeholders are being asked to provide input to help determine whether it makes sense to relate the AI RMF to other NIST frameworks.
     
  8. How does this fit in with other NIST AI research, standards, and other activities?

    NIST aims to cultivate trust in the design, development, use, and evaluation of AI technologies and systems in ways that enhance economic security and improve quality of life. The agency focuses on improving measurement science, standards, technology, and related tools, including evaluation and data. NIST is developing forward-thinking approaches that support innovation and confidence in AI systems. Its work on an AI RMF is consistent with the Plan for Federal Engagement in Developing AI Technical Standards and Related Tools published in 2019.
     
  9. How do I get involved in the Framework development effort?

    NIST is developing the AI RMF through a consensus-driven, open, and collaborative process that will include workshops, a Request for Information,  and other opportunities to provide input. Check out our Engage page, watch this space for specific opportunities, sign up to receive email notifications about NIST’s AI activities here, or contact us at: AIframework [at] nist.gov
     
  10. Who can answer additional questions regarding the Framework?

    Send us an email: AIframework [at] nist.gov
Information technology and Artificial intelligence
Created July 13, 2021, Updated March 25, 2022