NIST AI Risk Management Framework (AI RMF 1.0 and Generative AI Profile)
United States · NIST AI 100-1 (AI RMF 1.0); NIST AI 600-1
A voluntary federal framework that helps organizations identify, measure, and manage risks from AI systems — including bias, safety, and security issues. It creates no legal rights for individuals, but it has become the de facto standard referenced by regulators, several state AI laws, and federal contractors.
Technical detail
NIST AI RMF 1.0 (Jan. 26, 2023) is a voluntary risk framework, supplemented by the Generative AI Profile (NIST AI 600-1, July 2024) and ongoing 2025–2026 profile work; compliance is non-mandatory but referenced in state statutes (e.g., TRAIGA safe harbors) and procurement expectations.
Who is protected: Indirectly: individuals affected by AI systems whose developers/deployers adopt the framework
Who must comply: Voluntary for all organizations; effectively expected of federal contractors and referenced by regulators
Key facts
| Jurisdiction | United States |
|---|---|
| Level | Federal |
| Status | In effect |
| Protection strength | Limited protection |
| Effective date | 2023-01-26 |
| Citation | NIST AI 100-1 (AI RMF 1.0); NIST AI 600-1 |
| Enforced by | None (voluntary; NIST is non-regulatory) |
| Private right of action | No — agency enforcement only |
| Topics | AI disclosure and transparency · automated decision-making · government use of AI · consumer protection |
| Last verified | 2026-06-10 |
| Official source | AI Risk Management Framework | NIST ↗ |
More AI rules in United States
- FTC Act Section 5 (unfair/deceptive AI) · In effect
- TAKE IT DOWN Act · In effect
- FCRA (AI in credit & background checks) · In effect
- ECOA / Regulation B (AI credit discrimination) · In effect
- Title VII / ADA (AI hiring) · In effect
- COPPA + 2025 Rule (childrens data) · In effect
Related AI disclosure and transparency rules elsewhere
- CCPA/CPRA + ADMT Regulations · In effect
- AB 2013 (Training Data Transparency) · In effect
- SB 942 (AI Transparency Act) · Enacted (not yet in effect)
- SB 53 (Frontier AI Safety) · In effect
- Colorado AI Act (repealed) · Repealed / replaced
- SB 26-189 (Colorado ADMT Law) · Enacted (not yet in effect)
See something wrong or out of date? Submit a correction — every entry must carry a verifiable official source.