Unorma

NIST AI RMF

NIST AI RMF Software: Automating Govern, Map, Measure and Manage at Scale

What NIST AI RMF software actually automates across the four core functions, how it should map to the Playbook's subcategories, and how to evaluate and roll it out.

Zofia Kubiak
Zofia Kubiak

July 4, 2026 · 16 min read

NIST AI RMF

NIST never built software for its own AI Risk Management Framework — the RMF and its Playbook are guidance documents, not a platform. That gap is exactly why a market for NIST AI RMF-mapped software exists. This is a detailed look at what that software actually automates across Govern, Map, Measure and Manage, how it should handle NIST's concept of a “profile,” and how to evaluate and roll one out.

TL;DR

  • NIST publishes the AI RMF and Playbook as guidance, not software — RMF-mapped software exists to operationalize that guidance across real AI systems at scale.
  • Good software maps its data model directly to the RMF's four functions and their subcategories, not just a generic 'AI risk' label.
  • A NIST AI RMF 'profile' is simply the gap between your current risk posture and your target risk tolerance — software should turn that gap into an actionable, assigned backlog.
  • NIST's Generative AI Profile (NIST AI 600-1, published July 2024) adds 12 GenAI-specific risk categories — hallucination, data privacy, IP, prompt injection and more — that RMF software should also track for any organization using generative AI.
  • The real cost comparison against spreadsheets isn't features — it's how fast you can produce a current, defensible risk profile when a customer, insurer or regulator asks for one.

What NIST AI RMF Software Actually Automates

At its core, NIST AI RMF software takes the framework's four functions — Govern, Map, Measure, Manage — and their subcategories, and turns them into a structured system: a place to register AI systems, assess them against RMF subcategories, record measurement evidence, and track risk treatment decisions, all tied to a specific system rather than living in a static spreadsheet or a Word document nobody updates.

Mapping Software to Govern, Map, Measure and Manage

FunctionWhat software should track
GovernAI policy versions, defined roles, risk tolerance statements, applicable across every system
MapPer-system context: purpose, users, data sources, and potential impacts
MeasureTesting results, benchmarks, red-teaming findings, and ongoing monitoring metrics
ManageRisk treatment decisions, residual risk sign-off, and incident response records

AI RMF Profiles: How Software Should Help You Build One

NIST uses the term “profile” to describe a specific implementation of the RMF functions for a given use case or sector — in practice, it's the gap between your current profile (where your AI systems actually stand) and your target profile (where your risk tolerance says they should be). Software's job is making that gap visible and actionable per system, not just describing it in the abstract.

Current profileWhere your AI systems stand todayTarget profileWhere your risk tolerance says youGapWhat software
A NIST AI RMF 'profile' is just the gap between where you are and where your risk tolerance says you should be.

Don't Forget the Generative AI Profile

If your organization builds or deploys generative AI, NIST’s companion Generative AI Profile (NIST AI 600-1), published in July 2024, maps the same four RMF functions to 12 GenAI-specific risk categories — including confabulation (hallucination), data privacy, information security (prompt injection), intellectual property, and human-AI configuration (over-reliance and automation bias). RMF-mapped software used for GenAI systems should track these 12 categories explicitly, not just the general RMF structure.

Continuous Monitoring: Where Automation Helps Most

The Measure and Manage functions are meant to be ongoing, not one-time assessments — a model's risk profile shifts as it's retrained, as usage patterns change, or as new failure modes are discovered in production. This is where software earns its value most clearly: scheduled re-assessment reminders and a live risk register beat a PDF risk assessment that quietly goes stale six months after it was written.

Why Subcategory-Level Tracking Actually Matters

The four function names hide real depth: 19 categories and 72 subcategories across the full Core (Govern 6/19, Map 5/18, Measure 4/22, Manage 4/13). Software that only scores at the function level — a single "Govern: 70%" number — hides exactly which of the 19 subcategories under Govern are actually incomplete.

Tracking depthWhat it tells you
Function-level onlyVague — 'Measure is 60% done' doesn't say what's missing
Category-levelBetter — identifies which of the 4-6 categories per function need work
Subcategory-levelActionable — points to the specific outcome still missing, assignable to an owner

NIST AI RMF Software and Government Procurement

Federal agencies and contractors increasingly reference NIST frameworks, including the Generative AI Profile, in procurement and solicitation language, even though adoption remains voluntary for the private sector. Organizations selling into government or heavily regulated enterprise buyers should treat RMF-mapped evidence as something they may need to produce during a sales or procurement process, not just an internal risk exercise.

Connecting RMF Software to Existing Security Tooling

The Measure function often draws on data that already exists elsewhere — vulnerability scanning, red-team findings, model evaluation results. RMF software doesn't need to generate this data itself; it needs to make it easy to attach and map that evidence to the right subcategory, so Measure reflects real testing rather than becoming a second, disconnected place to redescribe work already done.

Evaluating NIST AI RMF Software: A Vendor Checklist

  • Does the platform map to the RMF's actual subcategories, or just a generic 'risk score' with RMF branding attached?
  • Can you define your own target profile and risk tolerance, or is it a fixed, one-size-fits-all model?
  • Is the Generative AI Profile's 12 risk categories supported for organizations using GenAI?
  • Does Govern stay visibly connected to Map/Measure/Manage, or is it treated as a one-time setup step?
  • How easily can you produce a current risk profile export for a customer, insurer or auditor on request?

NIST AI RMF Software vs. Manual Spreadsheets: A Real Cost Comparison

Manual spreadsheetRMF-mapped software
Time to produce a current risk profile on requestDays — requires manually reassembling scattered updatesMinutes — always current if maintained continuously
Consistency across multiple AI systemsDepends entirely on the person maintaining itEnforced by structure — every system follows the same fields
Tracking GenAI-specific risks (NIST AI 600-1)Usually absent unless manually addedBuilt in, if the vendor supports it
Audit trail of risk decisions over timeEasy to lose in version history or email threadsNative — timestamped and attributable

Getting Started: The First Three Things to Do

  1. Register your AI systems and assign each an owner — you can't build a profile for a system nobody owns.
  2. Run an initial Map assessment per system to establish your current profile before setting a target.
  3. Set a review cadence for Measure and Manage — quarterly is common for higher-risk systems — so the profile doesn't go stale the way a one-time spreadsheet does.

Rolling Out Across Multiple AI Systems

The first registered system is always the easy case — one owner, one clear context, a manageable Measure plan. The real test of RMF software is what happens at the tenth or fiftieth system, once different teams are registering systems with different levels of rigor and different interpretations of what "current profile" actually means for their use case.

Rollout stageWhat tends to break without good software
5-10 systemsInconsistent scoring — different teams interpret likelihood/impact differently
10-30 systemsStale profiles pile up faster than anyone notices without automated reminders
30+ systemsNo portfolio view — leadership can't see which systems are actually current

Good software addresses this with structured intake (so every system starts from the same template), scheduled review reminders tied to risk tier, and a portfolio-level dashboard that surfaces stale or incomplete profiles before they become a problem during an external review.

Vendor Red Flags Specific to RMF Software

  • Marketing that says "NIST compliant." The RMF isn't a certifiable standard — there's nothing to be "compliant" with in a formal sense, so this phrasing is itself a signal the vendor may not understand the framework's actual nature.
  • No visibility into subcategories. If a demo only ever shows function-level scores, ask directly to see a specific subcategory before assuming the mapping goes deeper.
  • A generic "AI risk" module bolted onto unrelated GRC software. Purpose-built RMF software tends to organize its entire data model around the four functions; a bolted-on module often doesn't.

How Unorma Maps to the NIST AI RMF

Where Unorma fits

Unorma’s NIST AI RMF framework maps directly to Govern, Map, Measure and Manage, with gap analysis turning your current-vs-target profile gap into assigned tasks. Read the companion piece on the NIST AI RMF Playbook for how the underlying framework is structured.

Frequently asked questions

Does NIST provide its own official software for the AI RMF?

No. NIST publishes the AI RMF and its Playbook as guidance documents. Software that implements the framework is built by third-party vendors, so it's worth verifying exactly how closely any given tool maps to the RMF's actual structure.

What is a NIST AI RMF 'profile' in practice?

It's the gap between your current risk posture (current profile) and your risk tolerance (target profile) for a given AI system or use case. Software should track both and make the gap between them actionable.

Do we need to worry about the Generative AI Profile if we only use traditional ML models?

NIST AI 600-1 specifically addresses generative AI risks like hallucination and prompt injection, which don't apply the same way to traditional predictive models. If you don't use generative AI, the core RMF functions still apply, but the GenAI-specific profile is less relevant.

Is NIST AI RMF software only useful for US-based companies?

No — while the RMF is a US framework, its risk management logic maps closely enough to the EU AI Act's risk management requirements and ISO 42001's clause 6 that many non-US organizations use RMF-aligned tooling as their core risk process and layer other frameworks on top.

Why does subcategory-level tracking matter more than a single function score?

A single 'Govern: 70% complete' score doesn't tell you which of Govern's 19 subcategories still need work. Subcategory-level tracking turns a vague percentage into a specific, assignable action.

Does NIST AI RMF alignment matter for government procurement even though it's voluntary?

Increasingly yes — federal agencies and contractors reference NIST frameworks, including the Generative AI Profile, in procurement language, so vendors selling into government or regulated enterprise buyers may need to produce RMF-aligned evidence during sales cycles.

What breaks first when rolling RMF software out across many AI systems?

Consistency — different teams tend to interpret likelihood and impact differently without a structured, shared intake template, which is why scoring consistency is one of the first things to check as system count grows.

Is 'NIST compliant' a meaningful claim for a vendor to make?

Not really — the RMF isn't a certifiable standard, so there's nothing to formally be 'compliant' with. Vendors using that exact phrasing may not fully understand the framework's voluntary, guidance-based nature.

About the author

Zofia Kubiak
Zofia Kubiak

Compliance Specialist

Compliance specialist focused on management-system standards and risk frameworks, helping teams turn certification requirements into working programs.

View full profile