NIST AI Risk Management Framework (AI RMF).

NIST's voluntary framework for managing AI risks, published January 2023 (AI RMF 1.0) with a Generative AI Profile released in July 2024, organized around four Functions: Govern, Map, Measure, and Manage. 它属于网络安全的 合规与框架 分类。

NIST's voluntary framework for managing AI risks, published January 2023 (AI RMF 1.0) with a Generative AI Profile released in July 2024, organized around four Functions: Govern, Map, Measure, and Manage.

The NIST AI Risk Management Framework (AI RMF 1.0), published 26 January 2023, is a voluntary, sector-agnostic framework for managing risks to individuals, organizations, and society from the design, development, deployment, and use of AI systems. It is structured around four core Functions: Govern (culture, policy, oversight), Map (context, characterization, risk identification), Measure (analysis and assessment of risks), and Manage (prioritization, response, communication). Each Function is broken into Categories and Subcategories with outcome statements rather than prescriptive controls. NIST released the Generative AI Profile (NIST AI 600-1) in July 2024, adding GenAI-specific risk categories (confabulation, dangerous-content generation, data privacy, environmental, human-AI configuration, information integrity, IP, obscene/sexual content, value chain) with mapped actions. AI RMF is increasingly referenced by regulators (it appears in the U.S. Executive Order 14110 and is mapped to ISO/IEC 42001 controls), used by enterprises as the structure for AI policies and red-team programs, and forms the basis of vendor questionnaires.

针对 NIST AI Risk Management Framework (AI RMF) 的防御通常结合技术控制与运营实践,详见上方完整定义。

常见的别称包括: AI RMF 1.0, NIST AI 100-1, NIST AI 600-1。