Exploring the NIST AI risk management framework and working group

A voluntary framework to support companies navigating the AI risk landscape.

Artificial intelligence (AI) has been rapidly transforming industries and reshaping our daily lives by ushering in unprecedented opportunities for automation. Naturally, this has come with some challenges. While AI’s potential is immense, the potential ethical, security, and compliance implications should be carefully examined.

The need for effective governance and guidance is paramount, and, in the absence of federal legislation addressing these concerns, organizations must look to authoritative sources for guidance. Enter the National Institute of Standards and Technology (NIST).

NIST, a renowned federal agency of the US Department of Commerce known for establishing standards and guidelines, has taken a proactive stance on AI. One of its notable contributions is the NIST AI Risk Management Framework. This framework, while voluntary, provides invaluable support for companies navigating the complex AI landscape.

Purpose of the Risk Management Framework

The NIST AI Risk Management Framework was designed to help organizations identify, assess, and manage the risks associated with AI technologies. It offers a structured approach to ensuring the responsible and secure use of AI.

Key components of the framework include the following:

  • Risk Assessment: Helping organizations evaluate AI-related risks and their potential impact.
  • Documentation: Encouraging thorough documentation of AI systems, their components, and data sources.
  • Continuous Monitoring: Promoting ongoing monitoring and adaptation to evolving AI risks.

Businesses adopting the NIST AI Risk Management Framework stand to gain in several key areas, as following the framework will help them to enhance security and compliance, improve trust with customers and partners, and reduce the risks associated with AI deployment.

Public Working Group on AI

In addition to the framework, the US Secretary of Commerce Gina Raimondo introduced the NIST Public Working Group on AI earlier this year. The working group is a collaborative effort aimed at addressing various aspects of AI.

The NIST Public Working Group on AI has been introduced primarily to perform the following duties:

  • Provide Guidance: Offering insights and recommendations to organizations engaged in developing, deploying, and using generative AI.
  • Foster Collaboration: Encouraging dialogue and cooperation among stakeholders in the AI ecosystem.
  • Support Innovation: Promoting innovation while ensuring responsible AI practices.

This also presents an opportunity for businesses to get involved and support the working group, which will allow them to have access to the leading voices in AI for guidance and best practices, as well as an opportunity to influence AI policy and standards and network with peers and policymakers.

As AI continues its rapid evolution, it’s likely that federal legislation will catch up with the technology. The efforts of NIST and its working group will be instrumental in shaping this future.

In a world where AI is becoming ubiquitous, businesses must navigate the complex landscape responsibly and ethically. The NIST AI Risk Management Framework and NIST Public Working Group on AI offer valuable tools and resources for achieving these goals. By embracing these initiatives, organizations can not only mitigate risks, but also lead the way in shaping the future of AI governance.

Don Shelkey is the global leader of the technology transactions, outsourcing, and commercial contracts (TOC) practice; Charlotte Roxon is an associate and focuses her practice on commercial and technology transactions, Morgan Lewis.