The NIST AI Risk Management Framework (AI RMF) 1.0 is a voluntary US framework published by the National Institute of Standards and Technology in January 2023. It provides guidance for managing AI risk across four functions — Govern, Map, Measure, and Manage — and is non-certifiable.

ISO/IEC 42001:2023, Information technology — Artificial intelligence — Management system, is a voluntary international standard published by ISO and IEC in December 2023. It specifies requirements for establishing, implementing, maintaining, and continually improving an AI Management System (AIMS), and certification against it is granted by accredited certification bodies.

The AI RMF supplies substantive methodology for AI risk management while ISO/IEC 42001 supplies the management system structure. The two are complementary by design since they address adjacent dimensions of AI governance and are widely used together.

“The AI RMF is intended for voluntary use and to improve the ability to incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products, services, and systems.” — NIST AI RMF 1.0, Foreword

“This document specifies the requirements and provides guidance for establishing, implementing, maintaining and continually improving an AI management system within the context of an organization.” — ISO/IEC 42001:2023, Clause 1 (Scope)

Key definitions

| Term | AI RMF meaning | ISO/IEC 42001 meaning |
|---|---|---|
| AI system | An engineered system generating outputs for human-defined objectives | An engineered system generating outputs — content, forecasts, recommendations, decisions — for human-defined objectives |
| AI Management System | Not a defined concept | The set of interrelated elements of an organisation to establish policies, objectives, and processes to achieve those objectives in relation to AI (Clause 3) |
| Risk | Effect of uncertainty on objectives, addressed across four functions | Effect of uncertainty on objectives, addressed through risk assessment, treatment, and the Annex A controls |
| Function | One of the four top-level structural elements: Govern, Map, Measure, Manage | Not a concept in ISO 42001 |
| Subcategory | The framework’s most granular outcome level (e.g. Govern 1.1) | Not a concept — ISO 42001 uses clauses and Annex A controls |
| Statement of Applicability (SoA) | Not a concept in the AI RMF | The document recording, for each Annex A control, whether it applies, the justification, and implementation status (Clause 6.1.3) |
| Profile | Use-case or sector-specific adaptation of the AI RMF | Not a concept in ISO 42001 |
| Certification | Not available (non-certifiable framework) | Granted by accredited certification bodies; valid for three years subject to annual surveillance |

What each instrument provides

The two instruments are designed differently and produce different outputs.

| Dimension | AI RMF | ISO/IEC 42001 |
|---|---|---|
| Type | Voluntary framework / guidance | Voluntary international standard |
| Origin | US National Institute of Standards and Technology | ISO/IEC Joint Technical Committee 1, Subcommittee 42 |
| Certifiable | No — self-attestation; optional third-party assessment | Yes — accredited certification body audit, three-year certificate |
| Structure | Four functions, categories, subcategories | Ten clauses (Annex SL high-level structure) plus Annex A controls |
| Output of adoption | Documented implementation across the four functions; profile publication; self-attestation | Certified AIMS; Statement of Applicability; audit records |
| Authority over implementation | NIST publishes; users adopt voluntarily | ISO/IEC publish; certification bodies audit; accreditation bodies oversee |
| Substantive methodology depth | Detailed (Playbook provides suggested actions for each subcategory) | Moderate (Annex B provides implementation guidance for each Annex A control) |
| External attestation | Self-attestation or third-party assessment | Accredited certification with widely recognised certificate |

The AI RMF goes further than ISO 42001 on substantive methodology. The seven trustworthy AI characteristics, the twelve generative AI risks in NIST AI 600-1, and the Playbook’s suggested actions provide a depth of substantive content that ISO 42001 — by design technology-neutral and methodology-neutral — does not specify. ISO 42001 goes further than the AI RMF on management system structure. The Annex SL clauses, the Statement of Applicability mechanism, the certification cycle, and the integration pathway with ISO 27001 and ISO 9001 provide a structural rigour the AI RMF does not impose.

Where NIST AI RMF and ISO 42001 substance overlaps

The two instruments address substantially the same territory. Both cover risk, lifecycle, impact, governance, transparency, third-party AI, monitoring, and trustworthiness. The mapping below traces the four AI RMF functions to the ISO 42001 clauses and Annex A controls they most closely correspond to. The correspondences are approximate — NIST publishes crosswalks providing more detailed mappings.

Govern function

| AI RMF category | ISO/IEC 42001 element |
|---|---|
| Govern 1 — Policies, processes, procedures | Clause 5.2 (AI policy); Annex A.2 (Policies related to AI) |
| Govern 2 — Accountability structures | Clause 5.3 (Roles, responsibilities, authorities); Annex A.3 (Internal organisation) |
| Govern 3 — Workforce diversity, equity, inclusion, accessibility | Clause 7.2 (Competence); Clause 7.3 (Awareness) — DEI integration is partial |
| Govern 4 — Organisational culture | Clause 5.1 (Leadership commitment); Clause 7.3 (Awareness) |
| Govern 5 — Engagement with AI actors | Clause 4.2 (Interested parties); Clause 7.4 (Communication); Annex A.8 (Information for interested parties) |
| Govern 6 — Third-party processes | Annex A.10 (Third-party and customer relationships) |

Map function

| AI RMF category | ISO/IEC 42001 element |
|---|---|
| Map 1 — Context | Clause 4.1 (Context of the organisation); Clause 4.3 (AIMS scope) |
| Map 2 — Categorisation of the AI system | Annex A.6.1.2 (Objectives for responsible development); A.6.2.2 (System requirements and specification) |
| Map 3 — Capabilities, targeted usage, goals, benefits, costs | Annex A.6.2.2 (System requirements); A.9.4 (Intended use) |
| Map 4 — Risks and benefits including third-party components | Clause 6.1.2 (AI risk assessment); Annex A.10 (Third-party relationships); A.7 (Data for AI systems) |
| Map 5 — Impacts on individuals, groups, communities, organisations, society | Clause 6.1.4 (AI system impact assessment); Annex A.5 (Assessing impacts of AI systems) |

Measure function

| AI RMF category | ISO/IEC 42001 element |
|---|---|
| Measure 1 — Appropriate methods and metrics | Clause 9.1 (Monitoring, measurement, analysis and evaluation) |
| Measure 2 — Evaluation for trustworthy characteristics | Annex A.6.2.4 (Verification and validation); A.6.2.6 (Operation and monitoring); A.7.4 (Data quality) |
| Measure 3 — Tracking identified AI risks | Clause 8.2 (Recurring risk assessment); Annex A.6.2.6; A.6.2.8 (Event logs) |
| Measure 4 — Feedback about efficacy of measurement | Clause 9.1; Clause 10.1 (Continual improvement) |

Manage function

| AI RMF category | ISO/IEC 42001 element |
|---|---|
| Manage 1 — Risks prioritised, responded to, managed | Clause 6.1.3 (Risk treatment); Clause 8.3 (Risk treatment implementation) |
| Manage 2 — Strategies for benefits and impacts | Clause 6.2 (AI objectives); Annex A.5; A.9 (Use of AI systems) |
| Manage 3 — Third-party risks and benefits managed | Annex A.10 (Third-party and customer relationships) |
| Manage 4 — Risk treatments documented, monitored, improved | Clause 8.3; Clause 10.2 (Nonconformity and corrective action); Annex A.8.4 (Communication of incidents) |

Where NIST AI RMF and ISO 42001 structures differ

Substantive overlap does not mean structural equivalence. Five structural differences shape implementation.

Certification versus self-attestation

ISO/IEC 42001 produces a certificate from an accredited certification body. The certificate is valid for three years subject to annual surveillance and is widely recognised in procurement, regulatory, and contractual contexts. The AI RMF produces no certificate. Adoption is documented internally and through self-attestation; third-party assessment services exist but are not equivalent to ISO certification.

| What you get | AI RMF | ISO/IEC 42001 |
|---|---|---|
| Document | Internal implementation records; optional profile; optional third-party report | Certificate from accredited certification body |
| External weight | Reputational; variable depending on assessment quality | High — recognised by customers, regulators, partners globally |
| Cost | Adoption effort only (no certification fees) | Adoption effort plus certification body fees (typically £20,000–£60,000 over three years for mid-sized organisations) |

Statement of Applicability

ISO/IEC 42001 requires a Statement of Applicability (SoA) — a document listing each of the 38 Annex A controls, declaring whether it applies, justifying inclusion or exclusion, and recording implementation status. The SoA is the working surface of certification audits.

The AI RMF has no equivalent. Subcategories are not selected or excluded in the way Annex A controls are; the framework expects organisations to apply the four functions and to determine subcategory relevance through context. Where ISO 42001 produces a normative document tying risk treatment to specific controls, the AI RMF produces a documented profile of the organisation’s adaptation of the framework.

Annex SL high-level structure

ISO/IEC 42001 follows the Annex SL high-level structure shared with ISO/IEC 27001, ISO 9001, and other ISO management system standards. This shared structure is the mechanism by which ISO 42001 integrates with existing management systems — shared leadership commitment, shared documented information control, shared internal audit and management review.

The AI RMF is structurally distinct. The four functions do not correspond to Annex SL clauses, and the framework was not designed to integrate with ISO management systems at the structural level. Organisations using both adopt the AI RMF as substantive methodology within an ISO 42001 management system rather than treating them as parallel structures.

Auditability

ISO/IEC 42001 is designed for external audit. Documented information control under Clause 7.5, the SoA mechanism under Clause 6.1.3, internal audit under Clause 9.2, and management review under Clause 9.3 produce the evidence base certification audits sample.

The AI RMF is designed for adoption and self-assessment. Documentation considerations in the Playbook support external attestation, but the framework does not impose audit-grade evidence requirements. Organisations seeking external verification of AI RMF adoption typically supplement the framework with audit-supporting documentation.

Geographic recognition

ISO/IEC 42001 is an international standard. Certification is granted by accredited certification bodies under ISO/IEC 17021-1 and is recognised globally through the IAF MLA. The AI RMF is a US federal framework. Its substantive content is internationally applicable and widely adopted outside the US, but it does not carry equivalent international recognition as a certifiable instrument.

How organisations use NIST AI RMF and ISO 42001 together

The dominant adoption pattern is to use the AI RMF as methodology source within an ISO/IEC 42001 management system. Three operational arrangements recur.

Arrangement 1: AI RMF supplies the substantive content of ISO 42001 Clauses 6 and 8

ISO 42001 specifies that the organisation must perform AI risk assessment (Clause 6.1.2), risk treatment (Clause 6.1.3), and impact assessment (Clause 6.1.4). It does not specify methodology. The AI RMF supplies methodology — Map activities for risk identification and characterisation, Measure activities for risk analysis and tracking, Manage activities for risk treatment decisions.

| ISO 42001 obligation | AI RMF input |
|---|---|
| Clause 6.1.2 AI risk assessment | Map 4 (component-level risk and benefit), Measure 1 and 2 |
| Clause 6.1.4 Impact assessment | Map 5 (impacts on individuals, groups, communities, organisations, society) |
| Clause 8.2 Recurring risk assessment | Measure 3 (tracking identified AI risks) |
| Annex A.6.2.4 V&V | Measure 2 (trustworthy characteristics evaluation) |
| Annex A.6.2.6 Operation and monitoring | Measure 3, Manage 4 |

The trustworthy AI characteristics function as the substantive vocabulary for the AIMS — adopted as AI objectives under Clause 6.2, integrated into the impact assessment methodology, and used as the framework for V&V activities.

Arrangement 2: ISO 42001 provides the management system structure the AI RMF lacks

The AI RMF specifies what an organisation should achieve under each subcategory but does not impose management system structure. ISO 42001’s clauses provide that structure — leadership commitment, scope, documented information control, competence, communication, monitoring, internal audit, management review, corrective action.

| AI RMF requirement | ISO 42001 structure |
|---|---|
| Govern 1 — Policies, processes | Clause 5.2 AI policy; Clause 7.5 documented information control |
| Govern 2 — Accountability | Clause 5.3 roles and authorities |
| Govern 4 — Culture | Clause 5.1 leadership commitment; Clause 7.3 awareness |
| Measure 4 — Feedback about efficacy | Clause 9.1 monitoring; Clause 9.2 internal audit; Clause 9.3 management review |
| Manage 4 — Risk treatments improved | Clause 10.1 continual improvement; Clause 10.2 nonconformity and corrective action |

Organisations using ISO 42001 as the structural frame produce an integrated implementation: AI RMF activities operate within the management system, governed by ISO 42001 clauses, evidenced through documented information that audits sample.

Arrangement 3: NIST AI 600-1 supports specific AIMS work for generative AI

For organisations developing or deploying generative AI, the Generative AI Profile (NIST AI 600-1) provides risk identification and suggested actions specific to generative AI use cases. Within an ISO 42001 AIMS, the profile supports:

| ISO 42001 element | NIST AI 600-1 contribution |
|---|---|
| Clause 6.1.2 risk assessment | The twelve generative AI risks as starting points for risk identification |
| Annex A.5 impact assessment | Suggested actions covering impact characterisation for generative AI |
| Annex A.6.2.4 V&V | Suggested actions covering generative-AI-specific evaluation techniques |
| Annex A.7 data governance | Suggested actions covering training data governance, provenance, IP |
| Annex A.10 third-party | Suggested actions covering foundation model procurement and integration |

The profile is used as supplementary methodology within the AIMS, not as a replacement for Annex A controls or for the Statement of Applicability.

Practical NIST AI RMF and ISO 42001 sequencing

Most organisations encounter the two instruments in a sequence shaped by business context. Three patterns recur:

| Pattern | Description |
|---|---|
| AI RMF first, ISO 42001 added | Organisations with US presence or US federal contracting exposure adopt the AI RMF first, then pursue ISO 42001 certification when EU market access, customer requirements, or governance maturity make it valuable. The AI RMF implementation provides the substantive foundation the AIMS builds on. |
| ISO 42001 first, AI RMF supplements methodology | Organisations pursuing certification adopt ISO 42001 first and bring in the AI RMF as the methodology source the standard assumes but does not specify. Common where ISO 27001 or ISO 9001 maturity makes ISO 42001 the natural extension. |
| Parallel adoption | Organisations building AI governance from scratch with multi-jurisdictional exposure adopt both simultaneously — the AI RMF for methodology, ISO 42001 for the management system and external attestation. |

The third pattern is increasingly common for organisations with EU market exposure where ISO 42001 certification supports EU AI Act conformity work and the AI RMF provides the substantive methodology.

Practical considerations for organisations using both NIST AI RMF and ISO 42001

Five considerations recur in integrated implementations:

| Consideration | Practical implication |
|---|---|
| Vocabulary alignment | The two frameworks use overlapping but not identical terminology. Choose one vocabulary as primary — typically ISO 42001 because the SoA and audit documentation depend on it — and map AI RMF terms to it. |
| Documentation alignment | AI RMF Playbook documentation considerations should be structured to satisfy ISO 42001 documented information requirements under Clause 7.5. |
| Risk assessment methodology | The methodology must satisfy both the AI RMF (Map and Measure structure) and ISO 42001 (Clause 6.1.2 documented methodology, risk criteria, traceability to SoA). |
| Impact assessment scope | The AI RMF addresses impacts across five levels (individuals, groups, communities, organisations, society); ISO 42001 addresses three (individuals, groups, societies). Use the broader AI RMF scope to satisfy both. |
| Statement of Applicability for AI RMF activities | The SoA is an ISO 42001 mechanism. Document AI RMF activities as inputs to the SoA, with AI RMF subcategories mapped to the Annex A controls they support. |

NIST AI RMF and ISO/IEC 42001 resource references

The primary references for working with both instruments:

| Resource | Source |
|---|---|
| NIST AI RMF 1.0 | https://www.nist.gov/itl/airc — the core framework |
| AI RMF Playbook | https://airc.nist.gov/airmf-resources/playbook/ — companion implementation guidance |
| NIST AI 600-1: Generative AI Profile | https://www.nist.gov/itl/airc — generative AI profile |
| AI RMF Crosswalks (including to ISO/IEC 42001) | https://www.nist.gov/itl/airc — published mappings between AI RMF and other instruments |
| ISO/IEC 42001:2023 | https://www.iso.org — the international standard, purchased from ISO or national standards bodies |
| ISO/IEC 23894:2023 | https://www.iso.org — AI risk management methodology, used alongside ISO 42001 |
| ISO/IEC 22989:2022 | https://www.iso.org — AI concepts and terminology |

Crosswalks between the AI RMF and ISO/IEC 42001 are published by NIST and by external organisations. They identify subcategory-to-clause and subcategory-to-Annex-A-control correspondences. The crosswalks are useful for planning and gap analysis; for high-stakes work, the authoritative source for each instrument is the instrument itself.

FAQ

Should I adopt the AI RMF or ISO/IEC 42001?

For most organisations the question is which to start with, not which to choose — the two are complementary rather than competing. If external attestation is the primary need (customer requirements, EU market access, regulatory positioning), ISO/IEC 42001 is the better starting point because it produces a certificate. If substantive methodology depth is the primary need (without immediate certification pressure), the AI RMF is the better starting point because it provides more detailed guidance. Most organisations end up using both.

Does AI RMF adoption count toward ISO/IEC 42001 certification?

Not directly — certification is granted against the ISO 42001 standard, not against the AI RMF. But AI RMF activities produce substantive evidence (risk assessments, impact analyses, monitoring documentation) that supports ISO 42001 audit work. Organisations that have adopted the AI RMF substantively are typically better prepared for ISO 42001 certification than organisations starting from no AI governance.

Can I be certified to the AI RMF?

No. NIST does not certify against the AI RMF and does not authorise certification bodies. Third-party assessment services exist in the US market, but they are not equivalent to ISO certification. Organisations seeking external attestation typically use ISO/IEC 42001 for that purpose and use the AI RMF for methodology.

Do the four AI RMF functions correspond to the ten ISO 42001 clauses?

Not directly. The four functions and the ten clauses are different structural devices. Govern relates most closely to Clauses 4 and 5; Map and Measure relate most closely to Clause 6 and parts of Clause 8; Manage relates most closely to other parts of Clause 8 and to Clause 10. NIST and external organisations publish crosswalks that detail the correspondences subcategory by subcategory.

Is the AI RMF more demanding than ISO/IEC 42001?

The two are demanding in different ways. The AI RMF imposes substantive methodology depth — particularly in Measure 2 (evaluation against trustworthy characteristics) — that ISO 42001 does not specify at the same level. ISO 42001 imposes management system structure — Annex SL clauses, the Statement of Applicability, internal audit, management review, certification — that the AI RMF does not require. Organisations doing the AI RMF substantively and ISO 42001 substantively typically find each instrument demanding in areas the other is not.

How do I document AI RMF activities for ISO/IEC 42001 audit?

Map AI RMF subcategories to the ISO 42001 clauses and Annex A controls they support, and produce documentation that satisfies both. AI risk assessments performed under Map and Measure activities are also Clause 6.1.2 risk assessments; impact characterisation under Map 5 is also Clause 6.1.4 impact assessment; trustworthy characteristic evaluations under Measure 2 are also Annex A.6.2.4 V&V evidence. The same artefact can support both, structured to ISO 42001 documented information requirements.

Does the Generative AI Profile satisfy ISO 42001 requirements for generative AI?

The profile supports substantive work on generative AI within an AIMS but does not satisfy ISO 42001 obligations on its own. The SoA must still be produced, Annex A controls must still be implemented or excluded with justification, and the management system structure under Clauses 4–10 must operate. The profile supplies the substantive content for generative-AI-specific risk identification and treatment within that structure.

Can NIST AI 600-1 risks be used as the input to the ISO 42001 Statement of Applicability for a generative AI system?

Yes, as a starting input. The twelve risks identified in NIST AI 600-1 are a useful starting point for AI risk assessment under ISO 42001 Clause 6.1.2 for generative AI systems. The SoA must then select Annex A controls to treat the risks, justify inclusions and exclusions, and record implementation status. The profile supplies risk content; the SoA mechanism applies it.

Does ISO/IEC 42001 conflict with the AI RMF?

No. The two are designed to be complementary, and substantive conflicts are rare. Where the instruments differ, they typically address different dimensions of the same problem — AI RMF on methodology, ISO 42001 on management system structure — and the differences are additive rather than contradictory. NIST and ISO/IEC have engaged with each other through the development of both instruments, and crosswalks document the relationships.

Will future versions of either instrument reduce the overlap or sharpen the distinction?

The AI RMF Roadmap indicates continued alignment work with international standards including ISO/IEC. Future updates to ISO/IEC 42001 are managed through the ISO/IEC SC 42 work programme. Both instruments are likely to continue evolving, but the underlying division of labour — AI RMF for methodology, ISO/IEC 42001 for management system — is structural and unlikely to change.
