NIST AI Risk Management Framework
Umbrella LinkML schema for the NIST AI Risk Management Framework family.
Imports:
* nist_ai_rmf_core - AI RMF 1.0 (NIST AI 100-1) foundational
concepts, Core Functions / Categories / Subcategories,
Profiles, design attributes, and the AI RMF Playbook
companion data shape.
* nist_ai_rmf_gai - GAI Profile (NIST AI 600-1): 12 GAI
risks, Suggested Actions, Primary GAI Considerations, and
Structured Public Feedback methods.
Most consumers should import this umbrella to get the entire
framework via a single namespace (nist_ai_rmf:). Two tree-root
classes are exposed by the imports - AiRmfFramework from the
core module and GaiProfile from the GAI module - so callers
must pass --target-class when validating.
URI: https://w3id.org/lmodel/nist-ai-rmf
Name: nist-ai-rmf
Classes
| Class | Description |
|---|---|
| NamedThing | A generic grouping for any identifiable AI RMF element |
| AiActor | An organization or individual that plays an active role in the AI |
| AiActorTask | A category of task performed by AI actors (Appendix A) |
| AiLifecycleStage | A stage of the AI lifecycle (Figure 2): Plan and Design, |
| AiRmfDocument | Publication metadata for an instance of the AI RMF (e |
| AiRmfFramework | Root container that bundles the AI RMF Core (Functions) with |
| AiRmfProfile | An implementation of the AI RMF Functions, Categories, and |
| GaiProfile | Root container that bundles the NIST AI 600-1 Generative AI |
| AiSpecificRisk | A risk that is new or increased for AI-based technology compared |
| GaiRisk | A risk that is novel to or exacerbated by Generative AI |
| AiSystem | An engineered or machine-based system that can, for a given set |
| AiSystemDimension | A socio-technical dimension of an AI system (Figure 2): |
| Bias | A form of AI bias - a deviation that may be perpetuated or |
| Category | A category within an AI RMF Core function (e |
| Function | A top-level AI RMF Core function |
| Harm | A negative impact that may be experienced by individuals, |
| HumanAiInteractionIssue | An issue that merits further consideration in human-AI |
| Impact | A positive, negative, or both consequence of an AI system |
| PrimaryGaiConsideration | An overarching consideration derived from the NIST GAI PWG |
| Risk | The composite measure of an event's probability of occurring and |
| ResidualRisk | Risk remaining after risk treatment (ISO Guide 73) |
| RiskMeasurementChallenge | A challenge that complicates measurement of AI risks |
| RiskTolerance | The organization's or AI actor's readiness to bear risk in order |
| RmfAttribute | A design attribute of the AI RMF (Appendix D) - one of the |
| StructuredPublicFeedback | Methods used to evaluate whether GAI systems are performing as |
| AiRedTeaming | A structured testing exercise used to probe an AI system to |
| Subcategory | A subcategory within an AI RMF Core category (e |
| SuggestedAction | A suggested action an organisation can take to manage GAI |
| TrustworthinessCharacteristic | A characteristic of a trustworthy AI system (Figure 4 / Part 1 |
| PlaybookCollection | A container for a set of PlaybookEntry instances - the |
| PlaybookEntry | A single AI RMF Playbook entry - an enrichment of a Core |
Slots
| Slot | Description |
|---|---|
| about_text | Free-text discussion of the subcategory or related concept |
| action_id | Identifier of a Suggested Action |
| actor_task | AI actor task category |
| actor_tasks | AI actor task categories (Appendix A) |
| addressed_by_actions | Suggested actions that address this risk (back-reference) |
| addresses | Subcategories that the profile implements or addresses |
| affects | Entities (people, organizations, ecosystems) the risk or harm |
| affects_system | The AI system this risk pertains to |
| ai_actor_categories | Free-text list of AI Actor categories the entry applies to, |
| ai_actors | AI actor categories the entry applies to |
| ai_dimension | The AI system dimension the element applies to |
| ai_incident_definition | For Incident Disclosure: the definition of AI incident |
| ai_specific_risks | AI-specific risks compared to traditional software (Appendix B) |
| applies_to_subcategory | Identifier of the AI RMF subcategory the action applies to |
| attributes_ | Design attributes of the AI RMF (Appendix D) |
| audience | Whether the actor is part of the primary AI RMF audience or the |
| bias_category | Category or categories of bias addressed |
| categories | Categories that belong to a Function |
| category | Category code in the form "FUNCTION-N" (e |
| category_code | Compact category code in the form "FUNCTION-N" (e |
| category_id | Identifier of a Category (e |
| challenge_kind | Which measurement challenge this represents |
| characteristic_kind | Which trustworthiness characteristic this instance represents |
| consideration_kind | Which primary consideration this element represents |
| current_state | For temporal current profiles - how AI is currently being managed |
| description | A human-readable description |
| dimension_kind | Which of the five dimensions this instance represents |
| dimensions | The AI system dimensions (Figure 2) |
| document | Publication metadata |
| documentation_questions | Free-text documentation questions and transparency resources |
| doi | Digital Object Identifier for the document |
| entries | The Playbook entries in this collection |
| feedback_method_kind | Which structured feedback method this element represents |
| function_code | The function code (GOVERN, MAP, MEASURE, or MANAGE) |
| function_kind | The AI RMF Core function this entry pertains to |
| function_prefix | Two-letter function prefix of the action's subcategory |
| functions | The four AI RMF Core functions and their content |
| gai_risk_catalog | The catalog of GAI risks (Section 2) |
| gai_risk_kind | The GAI risk category this element represents |
| gai_risks | GAI risk categories addressed by a suggested action or |
| governance_practices | Governance plans and actions (A |
| harm_category | The high-level harm category (people / organization / ecosystem) |
| harm_to_people_subcategory | The sub-category when harm is to people (individual / group / societal) |
| human_ai_interaction_issues | Human-AI interaction considerations (Appendix C) |
| id | A unique identifier for an element |
| impact_sign | Whether the impact is positive, negative, or both |
| includes_tevv | Whether this stage incorporates TEVV activities |
| is_base_condition | True when this is a necessary condition for trustworthiness |
| is_cross_cutting | True when this characteristic relates to all others |
| is_residual | Whether this risk represents risk remaining after risk treatment |
| is_tevv | Whether the actor or task is a Test, Evaluation, Verification, and |
| legal_basis | Legal or regulatory requirements influencing the tolerance |
| lifecycle_stage | The AI lifecycle stage(s) the element applies to |
| lifecycle_stages | The AI lifecycle stages (Figure 2) |
| likelihood | Estimated probability of the event occurring (0 |
| limitations_of_current_approaches | For Pre-Deployment Testing: free-text discussion of why |
| magnitude | Magnitude or degree of consequences if the event occurs (free |
| name | A short human-readable name |
| outcome | The outcome statement of a Category or Subcategory - the desired |
| primary_considerations | The primary GAI considerations from Appendix A |
| profile_type | The kind of AI RMF Profile |
| profiles | AI RMF profiles defined alongside this Framework instance |
| provenance_techniques | For Content Provenance: provenance data tracking |
| published_date | Date the document was published |
| publisher | The publisher of the document (e |
| red_team_type | The type of AI red-teaming exercise |
| references_text | Free-text list of references, citations, and supporting |
| related_impacts | The impacts that contribute to this risk |
| risk_categorization | Higher-level categorisation - technical/model, misuse, or |
| risk_measurement_challenges | Identified challenges in measuring AI risk |
| risk_response | The chosen risk treatment option |
| risk_scope | Scope levels at which the risk may manifest |
| risk_sources | Sources from which the risk may emerge |
| section_about | Free-text discussion ("About" section) |
| section_actions | Bulleted suggested actions ("Actions" section) |
| section_doc | Documentation questions and transparency resources |
| section_ref | References and citations ("References" section) |
| sector | The sector, industry, technology, or end-use application the |
| see_also | Related references |
| source | Reference to the source of the element (typically the document |
| stage_kind | Which of the six stages this instance represents |
| structured_feedback_methods | Structured public feedback methods relevant to the profile |
| subcategories | Subcategories that belong to a Category |
| subcategory_id | Identifier of a Subcategory (e |
| suggested_actions | Suggested actions to manage GAI risks (Section 3) |
| suggested_actions_text | Free-text bulleted list of suggested actions an organization can |
| target_state | For temporal target profiles - the outcomes needed to achieve the |
| task_kind | Which of the actor task categories this is |
| third_party_considerations | Considerations for third-party GAI integrations, |
| time_scale | Time scales over which the risk may materialise |
| title | A human-readable title |
| tolerance_statement | Free-text statement of the tolerance level or threshold |
| topic | Topic tags (e |
| topics | Free-text topic tags applied to a playbook entry (e |
| trustworthiness_characteristic | Trustworthiness characteristic(s) the element pertains to |
| trustworthiness_characteristics | The seven characteristics of trustworthy AI |
| type | Function label as serialised in the published Playbook JSON |
| typical_actors | Representative actor roles that perform this task |
| version | Version identifier of the document |
Enumerations
| Enumeration | Description |
|---|---|
| AiActorTaskEnum | Categories of AI actor tasks as described in Appendix A and |
| AiLifecycleStageEnum | AI lifecycle stages as defined in Figure 2 (modified from |
| AiSystemDimensionEnum | Key socio-technical dimensions of an AI system (Figure 2) |
| AudienceEnum | Audience categorisation for the AI RMF (Part 1 §2) |
| BiasCategoryEnum | The three major categories of AI bias identified by NIST |
| FunctionEnum | The four high-level AI RMF Core functions |
| GaiActionFunctionPrefixEnum | Two-letter function prefix used in GAI Action IDs |
| GaiRiskCategorizationEnum | Higher-level grouping of GAI risks, derived from the UK's |
| GaiRiskCategoryEnum | The 12 risks unique to or exacerbated by Generative AI as |
| GaiRiskScopeEnum | The scope at which a GAI risk may manifest (Section 2) |
| GaiRiskSourceEnum | The source(s) from which a GAI risk may emerge (Section 2) |
| GaiRiskTimeScaleEnum | The time scale over which a GAI risk may materialise |
| HarmCategoryEnum | High-level categories of harm related to AI systems (Figure 1) |
| HarmToPeopleSubcategoryEnum | Sub-categories of harm to people, per Figure 1 |
| ImpactSignEnum | Whether an impact of an AI system is positive, negative, or both |
| PrimaryConsiderationEnum | The four overarching themes derived from the GAI PWG |
| ProfileTypeEnum | Types of AI RMF Profile (§6) |
| RedTeamingTypeEnum | Types of AI red-teaming exercises (Appendix A |
| RiskMeasurementChallengeEnum | Challenges that complicate AI risk measurement (Part 1 §1 |
| RiskResponseEnum | Treatment options for AI risks (MANAGE 1 |
| StructuredFeedbackMethodEnum | Categories of structured public feedback for GAI risk |
| TrustworthinessCharacteristicEnum | The seven characteristics of trustworthy AI systems described in |
Types
| Type | Description |
|---|---|
| Boolean | A binary (true or false) value |
| CategoryCode | Identifier for a Core category (e |
| Curie | a compact URI |
| Date | a date (year, month and day) in an idealized calendar |
| DateOrDatetime | Either a date or a datetime |
| Datetime | The combination of a date and time |
| Decimal | A real number with arbitrary precision that conforms to the xsd:decimal speci... |
| Double | A real number that conforms to the xsd:double specification |
| Float | A real number that conforms to the xsd:float specification |
| FunctionCode | Identifier of one of the four AI RMF Core functions |
| GaiActionId | Action identifier used in NIST AI 600-1 Section 3, of the form |
| Integer | An integer |
| Jsonpath | A string encoding a JSON Path |
| Jsonpointer | A string encoding a JSON Pointer |
| Ncname | Prefix part of CURIE |
| Nodeidentifier | A URI, CURIE or BNODE that represents a node in a model |
| Objectidentifier | A URI or CURIE that represents an object in the model |
| Sparqlpath | A string encoding a SPARQL Property Path |
| String | A character string |
| SubcategoryCode | Identifier for a Core subcategory (e |
| Time | A time object represents a (local) time of day, independent of any particular... |
| Uri | a complete URI |
| Uriorcurie | a URI or a CURIE |
Subsets
| Subset | Description |
|---|---|
| Appendices | Supplementary material from Appendices B (differences from |
| Attributes | Design attributes of the AI RMF (Appendix D) - the qualities |
| Core | Foundational concepts shared across the framework: identifier slots, |
| FrameworkCore | The AI RMF Core (Part 2, §5): the four high-level Functions |
| GaiActions | Suggested Actions organised by AI RMF subcategory (Section 3) |
| GaiConsiderations | Primary GAI Considerations (Appendix A): Governance, |
| GaiCore | Foundational GAI Profile concepts - the 12 risks and their |
| GaiFeedback | Structured Public Feedback methods and AI Red-teaming |
| Lifecycle | AI system lifecycle stages, key dimensions, AI actor categories, |
| Playbook | Companion-resource enrichment of an AI RMF subcategory with |
| Profiles | AI RMF profile constructs (§6): use-case profiles, temporal |
| RiskAndHarm | Risk, impact, harm, residual risk, risk tolerance, risk |
| Trustworthiness | Characteristics of trustworthy AI systems (Part 1, §3): |