RegCore.AIRegCore.AI
United StatesAI governancePublished January 2023 · GenAI Profile July 2024
NIST AI RMF 1.0

AI Risk Management Framework

Govern / Map / Measure / Manage. Profileable to any jurisdictional overlay.

Depth of coverage

What we know in this framework.

The specific clauses, articles, appendices and supervisory expectations we work against — anchored to primary source and maintained as the regime evolves.

01Govern functions
02Map-Measure-Manage cycle
03Generative profile
04Playbook crosswalks
How we cover it

How the firm carries NIST AI RMF 1.0 into client work.

NIST AI RMF 1.0 is read against the services below. Each one draws on the same compliance intelligence layer — indexed to primary source, versioned alongside the regulator, and carried into the engagement.

AI GovernanceSenior advisory on the governance an AI-era regulator will actually examine — policies, roles, risk tiering, validation cadence.
  • Auditable AI inventory indexed to primary-source obligations
  • Governance charter, RACI, and human sign-off gates that survive examination
  • Model and agent cards indexed to regulator clauses
Open the service →AI-Enabled Compliance ImplementationThe engagement arm where digital compliance officers sit inside your workflow, drafting under human sign-off.
  • Digital compliance officers scoped to your programme
  • Evidence captured at the point of work, not reconstructed after
  • Control library indexed to the obligations your supervisor reads
Open the service →
Related playbooks

Playbooks that ship against NIST AI RMF 1.0.

Each playbook walks from discovery through artifact — phases, controls, evidence. Agents assist the mechanical steps; specialists own the sign-off.

NIST AI RMF 1.0 · Assessment

NIST AI RMF Profile Playbook

Govern / Map / Measure / Manage — profiled to your sector, your use cases and the frameworks your regulators read.

Read the playbook →Cross-framework · Controls

Agentic AI Governance Playbook

Multi-step autonomous agents, tool-calling chains, and the oversight these systems demand. Agent cards, action budgets, kill switches.

Read the playbook →Cross-framework · Documentation

RAG Assurance Playbook

Retrieval-augmented generation has its own attack surface — source provenance, index drift, poisoning risk. Control it.

Read the playbook →Cross-framework · Vendor

Foundation Model Due Diligence Playbook

Bringing a GPAI, Claude, GPT, Gemini, Llama or sovereign model into scope — the diligence a regulated deployer is now expected to perform.

Read the playbook →Cross-framework · Monitoring

Continuous Control Monitoring Playbook

Drift, performance, outcome and complaint monitoring in one pipeline — outputs a supervisor can act on.

Read the playbook →

Map your posture against NIST AI RMF 1.0.

Bring us your current documentation, controls and inventory. We will map them clause by clause against NIST AI RMF 1.0 — and against every other regime your portfolio touches — and produce the evidence artifact your supervisor will read.

Speak with a partnerBack to all frameworks →