HomeLegal DirectoryNIST GenAI Profile (AI 600-1)

In effect Limited protection

NIST Generative AI Profile (NIST AI 600-1) — Companion to the AI Risk Management Framework

United States · NIST AI 600-1

NIST's voluntary GenAI Profile is the leading federal playbook for managing risks unique to generative AI: hallucinations, harmful content, intellectual property leakage, data poisoning, and CBRN misuse. Federal contractors and many enterprises adopt it as the de facto AI risk-management baseline.

Technical detail

NIST AI 600-1 (July 26, 2024). A profile of the NIST AI RMF (AI 100-1) targeting 12 risks unique to or exacerbated by generative AI, with 200+ recommended actions mapped to the RMF's Govern/Map/Measure/Manage functions. Implements directives in EO 14110 (since revoked) and remains the NIST baseline referenced by EO 14179 and the 2025 AI Action Plan.

Who is protected: End users of generative AI systems, including consumers exposed to AI hallucinations or harmful outputs

Who must comply: Voluntary; federal agencies and contractors typically adopt under OMB M-25-21 / M-25-22 baseline requirements

Key facts

JurisdictionUnited States
LevelFederal
StatusIn effect
Protection strengthLimited protection
Effective date2024-07-26
Enacted2024-07-26
CitationNIST AI 600-1
Enforced byNational Institute of Standards and Technology (no enforcement; widely incorporated by reference)
Private right of actionNo — agency enforcement only
PenaltiesNo direct penalties; incorporated into federal procurement and OMB AI risk management requirements
Topicsautomated decision-making · AI disclosure and transparency · consumer protection
Last verified2026-06-17
Official sourceNIST AI 600-1 — Generative AI Profile (July 2024) ↗

More AI rules in United States

Related automated decision-making rules elsewhere

See something wrong or out of date? Submit a correction — every entry must carry a verifiable official source.