NIST AI RMF
The NIST AI RMF Playbook Explained: Govern, Map, Measure, Manage
A practical walkthrough of the NIST AI Risk Management Framework's four core functions, with the actions and artifacts each one expects you to produce.
July 1, 2026 · 12 min read
NIST AI RMF
The NIST AI Risk Management Framework (AI RMF) is voluntary, which is exactly why so many teams underestimate how much structure it actually has. The Playbook — NIST’s companion guidance to the AI RMF Core — turns four short function names into a genuinely usable implementation guide. Here is what each function requires in practice, and how to use the Playbook without getting lost in it.
TL;DR
- The NIST AI RMF Core has four functions: Govern, Map, Measure and Manage. Govern is cross-cutting — it wraps around the other three rather than running before or after them.
- Map establishes context: what the AI system does, who it affects, and what could go wrong. Measure analyzes and benchmarks those risks. Manage prioritizes and responds to them.
- The Playbook is explicitly not a checklist — NIST designed it as a menu of suggested actions you pick from based on your use case, not a sequence you must complete in full.
- Each function breaks into categories and subcategories with specific suggested actions — the Playbook is where those actions actually live, not in the AI RMF Core document itself.
- The framework is voluntary in the US but increasingly used as the de facto structure referenced by procurement teams, insurers and other frameworks like ISO 42001.
What the NIST AI RMF and Playbook Actually Are
The AI RMF Core (published January 2023) defines four functions, their categories and subcategories, and the outcomes each one should produce. The Playbookis a separate, companion resource that gives suggested actions, references and guidance for how to actually achieve each of those outcomes. If the Core tells you what “good” looks like, the Playbook is where you find how to get there.
The Four Functions, Explained
| Function | What it means | Typical output |
|---|---|---|
| Govern | Policies, processes and accountability structures for managing AI risk across the whole organization — this function is cross-cutting, informing all the others | AI governance policy, defined roles, risk tolerance statement |
| Map | Establish the context for a specific AI system: its purpose, intended use, affected stakeholders and potential impacts | System context documentation, stakeholder impact analysis |
| Measure | Analyze, benchmark and monitor AI risks using quantitative, qualitative or mixed methods | Risk metrics, testing results, ongoing monitoring plan |
| Manage | Prioritize and respond to risks identified in Map and Measure, and plan for incidents | Risk treatment plan, incident response plan, residual risk decisions |
Categories and Subcategories: The Real Depth of the Framework
Each function breaks down further into categories, and each category into subcategories with specific outcomes — this is the level of detail that actually determines what a team does day to day, and it's substantially larger than the four function names suggest.
| Function | Categories | Subcategories | What they cover |
|---|---|---|---|
| Govern | 6 (Govern 1–6) | 19 | Policy, accountability structures, workforce diversity, third-party risk, and organizational commitment to trustworthy AI |
| Map | 5 (Map 1–5) | 18 | Intended purpose and legal requirements, technical methods and known limitations, costs and benefits, third-party risks, and impact characterization |
| Measure | 4 (Measure 1–4) | 22 | Identifying appropriate metrics, evaluating trustworthy characteristics, tracking risks over time, and gathering feedback |
| Manage | 4 (Manage 1–4) | 13 | Prioritizing risk response, allocating resources, and planning for incidents and recovery |
That's 19 categories and 72 subcategories across the full Core — which is exactly why the Playbook exists: nobody memorizes 72 subcategories, but a well-organized program tracks progress against them per AI system.
Why Govern Isn't 'Step One'
A common misreading of the RMF is to treat Govern, Map, Measure and Manage as four sequential steps. NIST is explicit that Govern is cross-cutting — it should be infused throughout Map, Measure and Manage, not completed once at the start and forgotten. In practice, this means governance policies get revisited every time you map a new system or manage a new risk, not just during an annual policy review.
How to Use the Playbook Without Getting Lost in It
NIST is explicit that the Playbook “is neither a checklist nor set of steps to be followed in its entirety.” Organizations are meant to borrow the suggestions relevant to their use case and risk tolerance, not implement every subcategory identically.
- Start with Govern — establish who owns AI risk decisions before you map your first system.
- Pick one AI system and run it through Map — document its purpose, users and potential harms.
- Use Measure to decide what evidence would actually tell you if the mapped risks are materializing (metrics, testing, red-teaming).
- Use Manage to decide what you'll do about risks that exceed your tolerance — mitigate, transfer, accept, or avoid.
- Repeat Map through Manage for each AI system — Govern stays constant as the umbrella that ties them together.
Voluntary in Law, Mandatory in Practice
The AI RMF carries no legal penalty for non-adoption in the US. In practice, it has become a reference structure that procurement teams, cyber insurers, and even other regulations point to when asking “how do you manage AI risk?” It also maps closely enough to frameworks like ISO 42001 and the EU AI Act that work done for one substantially reduces the work needed for the others.
Who Actually Uses Each Function Day to Day
| Function | Primary owner | Typically consulted |
|---|---|---|
| Govern | Compliance / risk leadership | Legal, executive sponsor |
| Map | Product owner for the AI system | Data science, affected business unit |
| Measure | Data science / ML engineering | Compliance, quality assurance |
| Manage | Compliance / risk leadership | Product, engineering, executive sponsor |
A Simple Maturity Model for RMF Adoption
NIST doesn’t prescribe a maturity model, but many organizations layer a simple one on top of the RMF to track progress honestly rather than treating adoption as binary.
| Stage | What it looks like |
|---|---|
| Ad hoc | Individual teams apply risk practices inconsistently, with no shared Govern policy |
| Developing | A Govern policy exists; Map, Measure and Manage are applied unevenly across systems |
| Managed | All AI systems go through Map, Measure and Manage consistently, tracked centrally |
| Optimizing | Metrics from Measure actively inform policy updates in Govern — the loop closes |
Common Pitfalls When Adopting the RMF
- Treating the four functions as a waterfall. Teams that finish Map once and never revisit it miss how the framework is meant to operate continuously.
- Trying to implement all 72 subcategories at once. NIST explicitly designed the Playbook to be selective — pick what fits your use case and risk tolerance.
- Measuring without a clear Map first. Metrics chosen before context is established often measure the wrong thing.
- No feedback loop back to Govern. Findings from Measure and Manage should update policy — organizations that skip this repeat the same gaps every cycle.
Turning the Playbook Into an Operating Program
Where software helps
Primary Source
- NIST — AI RMF Playbook — the official, searchable Playbook on the NIST AI Resource Center.
- NIST — AI Risk Management Framework — the main NIST AI RMF program page.
Frequently asked questions
Is the NIST AI RMF a legal requirement?
No, it's voluntary in the United States. There is no penalty for non-adoption, but it's increasingly referenced by procurement processes, insurers and other frameworks as the expected structure for AI risk management.
Do I need to complete Map before Measure, and Measure before Manage?
Broadly yes for a given AI system — you need context (Map) before you can meaningfully measure risk, and measurement before you can prioritize a response (Manage). Govern, however, runs continuously across all three rather than being a one-time first step.
Is the Playbook the same document as the AI RMF Core?
No. The AI RMF Core defines the functions, categories and subcategories and their intended outcomes. The Playbook is a separate, more detailed companion resource with suggested actions and references for achieving those outcomes.
How does the NIST AI RMF relate to ISO 42001 and the EU AI Act?
They overlap substantially in intent — risk-based governance of AI systems — though each has its own structure and legal status. Many organizations map evidence once and use it to satisfy multiple frameworks rather than running separate programs.
How many categories and subcategories does the AI RMF Core actually have?
19 categories and 72 subcategories across the four functions: Govern (6 categories, 19 subcategories), Map (5, 18), Measure (4, 22) and Manage (4, 13).
Do we need to implement all 72 subcategories?
No — NIST explicitly designed the framework to be selective. Organizations choose the subcategories relevant to their use case and risk tolerance rather than implementing every one uniformly.
Who should own the NIST AI RMF program inside an organization?
Govern and Manage are typically owned by compliance or risk leadership, while Map and Measure are usually driven by the product owner and data science/ML engineering team for each specific AI system.
Is there an official NIST maturity model for RMF adoption?
No, NIST doesn't publish one. Many organizations layer their own simple maturity model (e.g. ad hoc, developing, managed, optimizing) on top of the RMF to track adoption progress honestly.
Key terms in this article
About the author

Compliance Specialist
Compliance specialist focused on management-system standards and risk frameworks, helping teams turn certification requirements into working programs.
View full profileKeep reading
More from the blog
AI Compliance Software
AI Compliance Software
What Is AI Compliance Software? A Complete Guide for 2026
AI compliance software turns scattered spreadsheets and PDFs into a live system of record for every AI system you build or use. Here's what it does, who needs it, and how to evaluate it.
EU AI Act
EU AI Act
EU AI Act Deadlines in 2026 and 2027: What the Digital Omnibus Actually Changed
In May 2026, EU lawmakers provisionally agreed to delay the AI Act's high-risk deadlines. Here's exactly what changed, what didn't, and what's legally binding today.
ISO 42001
ISO 42001
ISO 42001 Certification Requirements: The Complete Checklist
ISO 42001 has 10 clauses and 38 Annex A controls. This is the complete, plain-language checklist for what you actually need to have in place before your audit.