NIST AI Risk Management Framework (AI RMF 1.0)

Governance is the foundation of the entire framework. It is not a one-time task but a continuous culture of risk management. GOVERN involves establishing the policies, roles, and responsibilities for AI use across the organization.

The practical starting point is an "AI Use Policy" that defines which AI tools are approved, who is responsible for monitoring them, and what the forbidden use cases are. For healthcare organizations, this explicitly includes prohibitions like "No uploading of PHI to public LLMs" and "No clinical decisions based solely on AI output without physician review."

Governance also means accountability. Someone in the organization—whether a CISO, CTO, or a designated AI Risk Officer—must own the AI risk register. Without clear ownership, AI deployments proliferate without oversight, creating liability that the organization discovers only during a breach or a lawsuit.

The MAP function is about context. You cannot manage a risk you have not identified. Mapping involves analyzing the AI system's intended use, the data it relies on, and the potential impacts on the users and the organization.

For a healthcare AI tool, "Mapping" means identifying that the tool is used for patient triage (High Risk), relies on historical patient data (Potential Bias), and could lead to delayed care if it fails (High Impact). For a SaaS company, it means categorizing every AI feature by its risk tier—a grammar suggestion tool is Low Risk; an automated credit decision engine is High Risk.

The output of the MAP function is a risk profile for every AI asset. This profile is not static. As the AI system evolves, the data it uses changes, or the regulatory environment shifts, the Map must be updated.

Once risks are mapped, they must be measured. This involves using quantitative and qualitative metrics to analyze the AI system's performance and its potential for harm. This is where bias testing, accuracy validation, and adversarial testing occur.

A practical measurement exercise is "red-teaming"—intentionally trying to make the AI produce a biased, incorrect, or harmful answer to identify where the guardrails fail. For healthcare AI, this means running the model against edge cases and demographic subgroups to verify that it performs equitably across patient populations.

Measurement should not be a one-time exercise. It should be scheduled periodically and triggered automatically when the underlying model is updated or when a new dataset is incorporated into training.

Manage is the action phase. Based on the measurements, the organization implements controls to mitigate the identified risks. This includes technical guardrails, human oversight processes, and continuous monitoring protocols.

For a healthcare organization, the most critical "Manage" control is a Human-in-the-Loop (HITL) requirement for any AI output that directly informs a clinical decision. This means a qualified professional reviews and approves the AI recommendation before it is acted upon. For a SaaS platform, it might mean rate-limiting AI outputs, implementing content filters, and establishing an automated alerting system that flags anomalous model behavior.

The MANAGE function also includes incident response. If an AI system fails—produces a biased output, makes a harmful recommendation, or is exploited—there must be a documented playbook for how the organization responds, communicates, and remediates.