NIST AI RMF — cross-walk against the TrustAtlas catalog
A mapping from each function of the NIST AI Risk Management Framework (1.0) onto the eight risk dimensions TrustAtlas scores. Useful when your AI risk programme is anchored to NIST language and you need to justify why a specific vendor signal matters.
The four functions and how the catalog covers them
Govern
Establish AI governance structure: policies, roles, accountability.
GOVERN is the foundational function — it defines who is accountable, what policies bind AI development and deployment, how risk tolerance is expressed, and how legal/regulatory obligations flow through the organisation.
Regulatory compliance and jurisdiction are the direct measures of legal/regulatory governance posture; transparency covers public disclosure of governance practices; business stability captures whether the vendor has the organisational continuity to honour governance commitments.
- GOVERN 1: Policies, procedures, and practices in place
- GOVERN 2: Accountability structure with senior leadership
- GOVERN 6: Diverse perspectives integrated into AI risk decisions
Map
Establish AI context: intended purpose, use cases, capabilities, and risks.
MAP is about understanding what the AI system actually does, who it affects, what it depends on, and what failure modes exist. This is largely a transparency function — vendors who publish model cards, intended-use scopes, and dependency disclosures make MAP tractable for buyers.
Transparency captures published model documentation and intended-use scope; dependency chain maps the upstream model topology; data handling covers data-flow surface; IP exposure covers the legal-rights boundary that bounds intended use.
- MAP 1: Context including intended purpose is established
- MAP 3: AI capabilities, targeted usage, and limitations are documented
- MAP 5: Impacts to people and organisations are characterised
Measure
Quantitative and qualitative risk assessment: testing, benchmarks, monitoring.
MEASURE is the analytic function — quantitative and qualitative evidence that the AI system performs as expected, fails safely, and stays within its intended envelope. Vendor security testing, red-teaming, third-party audits, and incident history are the artefacts buyers evaluate here.
Security captures pen-test cadence, red-teaming, vulnerability disclosure, and third-party audit; data handling covers data-loss-prevention posture and retention controls; transparency covers whether measurement results are published.
- MEASURE 1: Appropriate methods and metrics are identified
- MEASURE 2: AI systems are evaluated for trustworthy characteristics
- MEASURE 4: Feedback from human inputs is gathered
Manage
Treat identified risks: mitigation, controls, incident response, lifecycle.
MANAGE is the operational function — actually treating identified risks through controls, mitigations, and incident response. Vendor compliance posture, breach history, and dependency-chain controls dominate this function for buyers evaluating procurement.
Regulatory compliance covers attestations that signal control-management maturity (SOC 2 Type II, ISO 27001, ISO 42001); security covers active controls; dependency chain covers risk transfer to upstream providers; business stability covers continuity of mitigation programmes.
- MANAGE 1: Risks are prioritised and acted on based on assessment
- MANAGE 2: Strategies to maximise benefits and minimise harms are planned
- MANAGE 4: Risk treatments are documented and informed by stakeholder feedback
Related frameworks
- OWASP LLM Top 10 cross-walk — the application-security counterpart
- ISO 42001 — the AI management system certification (the closest external attestation to NIST AI RMF maturity)
- NIST AI RMF aligned vendors — catalog filter for vendors that claim alignment
- TrustAtlas methodology — how the eight dimensions are scored