Anchors facilitation workshops to NIST's voluntary Artificial Intelligence Risk Management Framework (AI RMF 1.0, formally NIST AI 100-1, released January 26, 2023, DOI https://doi.org/10.6028/NIST.AI.100-1). The Playbook issued alongside the Framework structures programs around four mutually reinforcing core functions: GOVERN, which is cross-cutting, and MAP, MEASURE and MANAGE, which are applied iteratively rather than as a one-way sequence, so that work is organized by function instead of improvised as unrelated security tickets. NIST also publishes companion assets through its Trustworthy and Responsible AI Resource Center (airc.nist.gov): the Playbook itself, a roadmap, crosswalks to other standards, and, for generative workloads, the Generative Artificial Intelligence Profile (NIST AI 600-1, July 26, 2024, DOI https://doi.org/10.6028/NIST.AI.600-1), so teams can reconcile novel failure modes against documented categories of trustworthiness. This skill folds those authoritative layers into scripted prompts for cross-functional councils that must evidence documentation, escalation paths, quantitative trustworthiness analyses, prioritized mitigations, and alignment with externally referenced stakeholder expectations, not marketing slides.
Use cases
- Quarterly readiness reviews ahead of widening production rollouts backed by pretrained models
- Board-level preparedness exercises asking how incident command maps to trustworthy AI pillars
- Procurement questionnaires requiring traceable linkage between vendor claims and statutory expectations
- Post-incident retrospectives aligning mitigation owners with Manage-stage accountability
- Joint safety reviews combining security, fairness, privacy, and reliability guilds onto one rubric
Key features
- GOVERN — document policies, accountable roles (including delegated third parties), escalation triggers, stakeholder engagement cadence, oversight of supply-chain attestations referenced in Framework guidance, plus communication strategies for materially adverse trustworthy-AI incidents.
- MAP — characterize context: intended benefits, foreseeable misuses and dual uses, socio-technical environment, lifecycle stage, autonomy levels, downstream deployers impacted, and mappings to MAP categories and subcategories so risks do not linger as vague intuitions.
- MEASURE — select analytic methods (human review, experimentation, benchmarking, telemetry) proportional to credible trustworthiness hazards; capture baselines and residual uncertainties and align metrics with MEASURE function guidance without inventing KPIs orthogonal to the articulated risks.
- MANAGE — prioritize mitigations proportional to aggregated risk, lifecycle stage, stakeholder tolerance, feasibility, and interplay with other safeguards; articulate reassessment cadences when models, data slices, jurisdictions, or business models shift.
- Generative overlays — whenever foundation-model capabilities are invoked, reconcile risk registers with AI 600-1 profiling guidance (the twelve generative-AI risks and the suggested actions enumerated in that publication).
- Evidence packaging — summarize outputs as living registers mapping each core function deliverable → owner → evidence hyperlink (policy URL, evaluator dataset hash, ticketing ID) satisfying audit trail expectations.
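The living register described under Evidence packaging is easiest to keep honest when it is machine-checked before a review. The following is an added example, not code from this page or from NIST: a Python validator over a hypothetical register schema (the Entry fields, the reference strings such as "NIST AI 100-1 GOVERN 1.1", and the sample rows, tickets, URLs and dataset bytes are all constructed for illustration). It checks that every deliverable names a core function, an owner, an evidence link and a NIST reference, that generative entries carry the AI 600-1 overlay, that MEASURE rows state residual uncertainty, and it recomputes the evaluator dataset hash from the stored artifact instead of trusting the digest string in the register.

```python
"""Added example: validate an AI RMF evidence register before a readiness review.

Hypothetical schema; not NIST tooling and not code from this page. Each row maps a
core-function deliverable to an owner and to evidence (policy URL, ticket ID,
evaluator dataset hash), as the Evidence packaging feature describes.
"""
import hashlib
import re
from dataclasses import dataclass, field

CORE_FUNCTIONS = {"GOVERN", "MAP", "MEASURE", "MANAGE"}
GAI_PROFILE_REF = "NIST AI 600-1"          # generative entries must cite the GAI Profile
SHA256_HEX = re.compile(r"^[0-9a-f]{64}$")


@dataclass
class Entry:
    id: str
    function: str                  # one of CORE_FUNCTIONS
    deliverable: str
    owner: str
    evidence: dict                 # policy_url / ticket / dataset + dataset_sha256
    references: list = field(default_factory=list)   # NIST reference strings
    generative: bool = False
    residual_uncertainty: str = ""


def validate_entry(entry, artifacts):
    """Return findings for one register row; an empty list means the row is audit-ready.

    `artifacts` maps an artifact name to its bytes (in practice, read the file the
    register points at). The recorded dataset hash is re-derived from those bytes so
    a stale or edited evaluator dataset cannot hide behind a copied digest string.
    """
    findings = []
    if entry.function not in CORE_FUNCTIONS:
        findings.append(f"unknown core function {entry.function!r}")
    if not entry.owner.strip():
        findings.append("no accountable owner")
    if not entry.evidence:
        findings.append("no evidence link (policy URL, ticket ID or dataset hash)")
    if not any(r.startswith("NIST AI") for r in entry.references):
        findings.append("no linkage to a NIST AI RMF reference")
    if entry.generative and GAI_PROFILE_REF not in entry.references:
        findings.append(f"generative workload without {GAI_PROFILE_REF} overlay")
    if entry.function == "MEASURE" and not entry.residual_uncertainty.strip():
        findings.append("MEASURE deliverable lacks a residual-uncertainty statement")

    recorded = entry.evidence.get("dataset_sha256")
    if recorded is not None:
        if not SHA256_HEX.match(recorded):
            findings.append("dataset_sha256 is not a lowercase 64-hex SHA-256 digest")
        else:
            blob = artifacts.get(entry.evidence.get("dataset"))
            if blob is None:
                findings.append("referenced dataset is unavailable, hash cannot be verified")
            elif hashlib.sha256(blob).hexdigest() != recorded:
                findings.append("dataset_sha256 does not match the artifact (stale or tampered)")
    return findings


def validate_register(entries, artifacts):
    """Map entry id -> findings for every row that is not audit-ready."""
    report = {}
    for entry in entries:
        findings = validate_entry(entry, artifacts)
        if findings:
            report[entry.id] = findings
    return report


# Constructed sample data (hypothetical names, tickets, URLs and dataset content).
EVAL_SET_V3 = b'{"prompt": "Summarize the memo", "expected": "..."}\n' * 3
SAMPLE_ARTIFACTS = {"eval-set-v3.jsonl": EVAL_SET_V3}
SAMPLE_REGISTER = [
    Entry("G-01", "GOVERN", "AI risk policy with escalation triggers", "Head of AI Governance",
          {"policy_url": "https://intranet.example/ai-risk-policy"},
          ["NIST AI 100-1 GOVERN 1.1"]),
    Entry("ME-02", "MEASURE", "Confabulation benchmark on the evaluator set", "ML Evaluation Lead",
          {"dataset": "eval-set-v3.jsonl",
           "dataset_sha256": hashlib.sha256(EVAL_SET_V3).hexdigest(),
           "ticket": "AIRM-118"},
          ["NIST AI 100-1 MEASURE 2.5", GAI_PROFILE_REF], generative=True,
          residual_uncertainty="English-only benchmark; non-English confabulation rate unmeasured."),
    # Deliberately deficient row: no owner, no GAI overlay, and a digest that does not
    # match the artifact it claims to describe.
    Entry("MA-03", "MANAGE", "Mitigation plan for prompt-injection findings", "",
          {"dataset": "eval-set-v3.jsonl", "dataset_sha256": "0" * 64},
          ["NIST AI 100-1 MANAGE 1.3"], generative=True),
]

if __name__ == "__main__":
    for row_id, problems in validate_register(SAMPLE_REGISTER, SAMPLE_ARTIFACTS).items():
        print(row_id, "->", "; ".join(problems))
```

Run it directly to print the findings for the constructed register (only MA-03 is flagged); to use it ahead of a real review, load the actual register and read the artifacts its rows point at. A hash mismatch is reported as a finding rather than ignored, because a digest copied forward from an older evaluation is exactly the kind of stale evidence an auditor will reject.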
When to Use This Skill
- Before expanding AI systems beyond narrowly scoped pilots impacting safety or fairness outcomes
- When regulators/customers cite AI RMF as an acceptable lingua franca for voluntary assurance
- After acquiring another model pipeline where documentation gaps remain post-due diligence
Expected Output
A Govern/Map/Measure/Manage matrix with prioritized actions, timelines, KPI owners, linkage to authoritative NIST references (including Generative Profile where applicable), and explicit statements of residual uncertainties.
Frequently Asked Questions
- Does adopting AI RMF create new legal mandates inside the Framework text?
- No—AI RMF 1.0 is positioned as voluntary; obligations still originate from statutes, contracts, or sector regimes you already face.
- How does AI 600-1 differ from AI RMF 1.0?
- AI 600-1 is a companion profile that tailors the core functions to risks unique to or exacerbated by generative AI and lists suggested actions for each. It supplements rather than replaces the core functions, and it only applies where generative capabilities are actually in scope.
- Can we cite this skill instead of engaging SOC 2 auditors?
- No. This skill summarizes public NIST material; auditors still evaluate your controls and attestation specifics against the framework you have mutually agreed on.
Related
Agentic workflow design
Structures multi-step agent tasks with explicit inputs, outputs, fallback behavior, and handoff protocols so agents reliably complete complex workflows instead of stopping at the first blocker. Agentic workflow design applies software engineering discipline to AI agent pipelines, treating each step as a function with typed inputs and outputs.
Multi-agent handoff design
Designs clean handoff protocols between specialized agents so work passes between planner, coder, reviewer, and executor agents without losing context, creating circular dependencies, or introducing race conditions. Handoff design treats agent-to-agent communication as an API contract with versioning, error handling, and explicit acknowledgment requirements.
OWASP GenAI LLM Top 10 (v1.1) threat review checklist
Maps the authoritative OWASP "Top 10 for Large Language Model Applications" (version 1.1) taxonomy, LLM01 Prompt Injection through LLM10 Model Theft, into an actionable readiness checklist for architects red-teaming Retrieval-Augmented Generation, agents, plugins, training pipelines, or hosted inference gateways. Official project pages summarize each risk bucket: prompt injection bypassing safeguards (LLM01), unchecked outputs enabling downstream exploits (LLM02), poisoned corpora distorting reasoning (LLM03), abusive workloads starving capacity (LLM04), brittle supply-chain dependencies (LLM05), sensitive data resurfacing inside generations (LLM06), insecurely designed plugins (LLM07), excessive agency granted to agents and autonomous actions (LLM08), overreliance producing compliance failures (LLM09), and loss of proprietary model weights via API abuse (LLM10). The skill pairs each category with tangible controls (policy, monitoring, toolchain limits) anchored to genai.owasp.org releases rather than anecdotes.