← All articles
Compliance · Jun 8, 2026 · 6 min read

A Practical Guide to NIST AI RMF Compliance

The NIST AI Risk Management Framework is one of the more useful documents in the compliance world, which is faint praise until you have read the alternatives. It is voluntary, it is not a checklist, and it does not certify you. What it gives you instead is a shared language for talking about AI risk and a structure for actually managing it. The catch is that “a structure” is not the same as “a process,” and most teams stall in exactly that gap. This is how we close it with GovCraft.

The four core functions, in plain terms

The framework organizes everything into four functions. Strip away the formal language and they are four questions you have to be able to answer.

Govern

Who is accountable, and by what rules? Govern is the connective tissue — the policies, roles, and culture that make the other three functions stick. It is the function teams most want to skip because it produces no demo, and it is the one auditors check first. If nobody owns AI risk, you do not have a program; you have a collection of good intentions.

Map

What AI do we have, and where can it hurt us? Map is about context: cataloging your AI systems, their intended use, their data, and the harms they could plausibly cause. You cannot manage risk in systems you have not enumerated, and the typical organization underestimates its own AI footprint by a wide margin.

Measure

How risky is it, in numbers? Measure turns “this model feels biased” into metrics — accuracy across subgroups, robustness, drift, explainability. The point is to make risk observable so that decisions are about evidence rather than vibes.

Manage

What are we doing about it? Manage is acting on what you mapped and measured: prioritizing risks, applying controls, and responding when something goes wrong. It is where the framework stops being a binder and starts changing what your systems are allowed to do.

Inventory and map your AI systems

Everything starts with an honest inventory, and “honest” is the hard word. The shadow AI is always larger than the sanctioned AI — the script a team wired to an LLM API, the vendor feature quietly powered by a model, the notebook that became a production dependency. GovCraft pulls this together by tracking the systems that route through your stack and prompting you to register the ones that do not, then mapping each to its intended use, data sources, and risk classification. The deliverable is a living register, not a spreadsheet that was true the day it was made.

Turn controls into real-time policy at the gateway

This is the step that separates a paper program from a real one. A control that lives in a document is a suggestion. A control that lives at the gateway is enforcement. Because GovCraft sits on the path your AI traffic takes, the policies you write — which models may handle which data classes, where outputs must be logged, what requires a human in the loop — execute on every request in real time. A policy violation is blocked at the moment it happens, not discovered in a quarterly review.

A control you cannot enforce in production is a wish with a reference number.

Evidence and immutable audit trails

The framework asks you to be accountable, and accountability without evidence is just assertion. Every policy decision GovCraft makes — every allow, every block, every routed request and the rule that governed it — lands in an append-only audit trail. Immutability matters: an audit log you can quietly edit is worth nothing to an auditor and worth less to you when you are reconstructing an incident. The trail is your proof that the controls you wrote are the controls that ran.

Make the audit a report, not a fire drill

Most compliance pain is not the standard; it is the scramble. The audit arrives, and three weeks vanish into screenshots, exported logs, and Slack archaeology to prove that what you said you do is what you actually did. When mapping, measurement, and enforcement are continuous and the evidence accumulates on its own, the audit becomes an export. You generate the report from a system of record that was always current. The framework stops being an annual event and becomes the ambient state of your program.

First steps: a checklist

NIST AI RMF rewards programs that are continuous over programs that are heroic. Build the structure once, wire it into the path your AI actually takes, and let the evidence pile up. The framework was never meant to be survived once a year — it was meant to run.