Compliance · NIST AI RMF 1.0 · Agentic AI
The framework asks four questions. For agents that act, Manage is the one with teeth.
The NIST AI Risk Management Framework, version 1.0 (NIST AI 100-1, released January 2023) with the Generative AI Profile (NIST AI 600-1, released July 2024), is voluntary. It is also the framework most procurement teams and regulators reach for first when they need a defensible shape to evaluate AI against. Its four functions, Govern, Map, Measure, Manage, are not a checklist. They are a posture. The Manage function is where an agent that acted, on a real system, has to leave a record.
§ 01 The four functions
Voluntary, not optional. The framework most teams are graded against.
NIST AI RMF 1.0 organizes AI risk into four functions: Govern (the organization's authority and culture for AI), Map (the context and risks of a specific AI system), Measure (the methods used to assess those risks), and Manage (the controls and the evidence that they were applied). The Generative AI Profile, NIST AI 600-1, layers the same four-function shape onto the risks specific to generative and agentic AI: model misuse, data privacy, output integrity, and the new attack surfaces that come with autonomy.
The framework is voluntary. It is also the language regulators reach for, the language procurement uses in due diligence, and the language internal AI governance committees write their policies in. An organization that cannot speak the four functions during an examination has a longer conversation.
Govern, Map, and Measure can be documented in a deck. Manage cannot. Manage requires the record.
§ 02 The evidence
What Manage looks like for an agent that acted.
The substrate makes the Manage function a property of the action. Every agent action is attributed to a specific agent under a specific policy you write, and hash-chained into a tamper-evident audit trail kept inside your boundary. That is the durable record Manage assumes was kept.
This material is informational, not legal or regulatory advice. NIST AI RMF 1.0 is voluntary; its application to a specific organization depends on context. The substrate produces the record; it does not by itself make a program compliant or aligned. Assess your specific obligations with qualified counsel.
§ 03 Questions
NIST AI RMF and agentic AI, answered.
What is NIST AI RMF 1.0, and how does the Generative AI Profile relate to it?
NIST AI RMF 1.0 (NIST AI 100-1) is the National Institute of Standards and Technology's voluntary AI risk-management framework, released January 2023. It organizes AI risk into four functions: Govern, Map, Measure, Manage. The Generative AI Profile (NIST AI 600-1, released July 2024) is a supplementary layer that applies the same four-function shape to generative AI specifically. There is no formal NIST AI RMF 2.0. Profile-layer concept notes released since 1.0, including the Trustworthy AI in Critical Infrastructure concept (2026), are supplementary, not version bumps.
Is NIST AI RMF mandatory?
No, it is voluntary. It is also the framework that regulators, procurement teams, and internal AI governance committees most often reach for when they need a defensible shape to evaluate an AI system against. Voluntary in writing, expected in practice.
What does the substrate produce against the Manage function?
Every agent action is attributed to a specific agent under a specific policy you write, hash-chained into a tamper-evident audit trail kept inside your boundary. Policy violations, refusals, escalations, and approvals are recorded as durable events alongside actions. That is the kind of evidence the Manage function assumes was maintained as the program operated.
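The hash-chained, attributed audit trail described in § 02 and in the answer above can be sketched as follows. This is an added example, not the substrate's own code: the record fields, the event kinds, and the names `append_event`, `verify_chain` and `build_sample` are assumptions for illustration, and the sample events are constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed anchor value for the first record's "prev"

def digest(body: dict) -> str:
    # Canonical JSON so the same record always hashes to the same value.
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def append_event(chain, agent_id, policy_id, kind, detail):
    """Append one attributed event, linked to the previous record's hash."""
    body = {
        "seq": len(chain),
        "agent_id": agent_id,    # which agent acted
        "policy_id": policy_id,  # which policy governed the decision
        "kind": kind,            # action | refusal | escalation | approval | violation
        "detail": detail,
        "prev": chain[-1]["hash"] if chain else GENESIS,
    }
    record = dict(body, hash=digest(body))
    chain.append(record)
    return record

def verify_chain(chain, expected_head=None):
    """Return (ok, index of the first record that fails, or None)."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec.get("seq") != i or rec.get("prev") != prev or digest(body) != rec.get("hash"):
            return False, i
        prev = rec["hash"]
    # A missing tail is only visible against a head hash kept outside the log.
    if expected_head is not None and prev != expected_head:
        return False, len(chain)
    return True, None

def build_sample():
    """Constructed events: an action, a refusal, an escalation, an approval."""
    chain = []
    append_event(chain, "agent-7", "policy-read-only", "action", {"tool": "db.query", "rows": 12})
    append_event(chain, "agent-7", "policy-read-only", "refusal", {"tool": "db.delete"})
    append_event(chain, "agent-7", "policy-read-only", "escalation", {"to": "on-call"})
    append_event(chain, "human-3", "policy-approvals", "approval", {"ticket": "EXAMPLE-1"})
    return chain
```

A chain verifies only relative to a head hash held somewhere the log writer cannot modify; without it, truncating the tail or rewriting every record from the edit point forward goes unnoticed.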
Is this legal or regulatory advice?
No. This material is informational. The substrate produces the record; it does not by itself align a program to NIST AI RMF or any other framework. Assess your specific posture with qualified counsel and your internal AI governance function.