The NIST AI Risk Management Framework (AI RMF 1.0, 2023) provides a voluntary, flexible framework for managing risks across the AI system lifecycle. It is organised around four core functions: GOVERN, MAP, MEASURE, and MANAGE. While US-originated, it is widely adopted globally and aligns closely with ISO 42001.
This framework contributes to the following governance domains in your Encircle score:
Encircle maps NIST AI RMF's four functions to D09 AI & Data and D03 Risk. Combined with ISO 42001 mapping, Encircle provides a comprehensive AI governance assessment that satisfies both frameworks simultaneously — upload your AI Use Policy once and it satisfies both.
Encircle tells you when you are NIST AI RMF Aligned — meaning your AI governance practices cover all four functions with documented evidence. NIST AI RMF is not a certification framework, so alignment is evidenced through governance documentation.