CanucktAI
Glossary

NIST AI Risk Management Framework

The NIST AI Risk Management Framework (AI RMF 1.0) is a voluntary U.S. framework that helps organizations identify, assess, and manage AI risks through four functions: Govern, Map, Measure, and Manage.

Released in January 2023 by the U.S. National Institute of Standards and Technology, the AI RMF is voluntary and technology-neutral. It organizes AI risk work into four functions:

  • Govern — build a culture of risk management and clear accountability.
  • Map — understand the context and identify risks of each AI system.
  • Measure — analyze, benchmark, and track those risks.
  • Manage — prioritize and act on risks throughout the lifecycle.

It is widely used as a practical scaffold even outside the U.S., and it pairs well with certifiable standards like ISO/IEC 42001. See the NIST AI RMF page for the framework and its companion playbook.

Our own compliance

We run our own compliance programme inside Valdra — the product we sell. Our SOC 2, ISO 27001 and ISO 42001 programmes are actively in progress; we do not claim certifications we do not yet hold.

Valdra compliance badge — click to verify
  • PIPEDA
  • Law 25 (Quebec)
  • CASL
  • Data hosted in Canada 🇨🇦
  • AI governance
View our Trust Centre

Self-declared, not audited by a third party. Click the badge to verify it is genuine and see what it covers.

NIST AI Risk Management Framework — definition | Canuckt AI