Featured Publication — IEEE USA · 2024
Evaluating Organizational Alignment with the NIST AI Risk Management Framework
Citing the NIST AI RMF in governance documentation is not the same as aligning with its substance. This paper provides a methodology for telling the difference.
The NIST AI Risk Management Framework is one of the most widely adopted reference points for AI governance in the United States. Many organisations cite it in their governance documentation while implementing only a fraction of its recommended practices.
This paper provides a structured evaluation methodology for assessing genuine alignment with the NIST AI RMF across its four core functions: GOVERN, MAP, MEASURE, and MANAGE. The methodology distinguishes between documentation compliance and operational maturity.
“Self-assessment without an external reference point is not governance. It is optimism with documentation.”
Designed for both internal practitioners and external auditors, it builds on the flexible maturity model framework to give a calibrated view of where organisations stand and what advancing their maturity requires in practice.
Authors
Ravit Dotan
TechBetter
Borhane Blili-Hamelin
AI Risk and Vulnerability Alliance
Ravi Madhavan
University of Pittsburgh
Jeanna Matthews
Clarkson University
Joshua Scarpino
CEO & Founder, Assessed Intelligence
Carol Anderson
Co-author
Publication
IEEE USA
2024
Published Research
Read the Full Article
Evaluating Organizational Alignment with the NIST AI Risk Management Framework, published in IEEE USA, 2024.
