Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » NIST » NIST AI Risk Management Framework (AI RMF)

NIST AI Risk Management Framework (AI RMF)

The Artificial Intelligence Risk Management Framework (AI RMF) is designed in collaboration with private and public sectors. It is a practical guide to enable individuals and organizations to manage risks posed by generative AI in a way that aligns with their goals and objectives. 

NIST AI RMF is a voluntary framework developed to help users ensure transparency and trustworthiness into the end to end process of AI usage that includes its designing, developing, and evaluation. It aims to facilitate the use of AI in a way that emphasizes human centricity, social responsibility, and sustainability. 

The framework covers these areas:

  1. Framing risk: Understanding and addressing the impacts, challenges, and harms caused by risks.
  2. Audience: Involves the perspectives and impacts from a broad perspective of actors throughout its lifecycle. 
  3. AI risks and trustworthiness: Ensure that AI systems are trustworthy by being responsive to all interested parties.
  4. Effectiveness: Describes how users can benefit from the framework.
  5. RMF core: Outlines the actions and outcomes to promote the collaboration, understanding, and other activities that help to develop trustworthy AI systems though these functions – govern, map, measure, and manage. 
  6. Profiles: These are implementation of functions, categories, and subcategories for applications based on the specific requirement, risk tolerance level, and resources of the user.

Additional reading

Best Compliance Management Software: The Buyer’s Guide

Regulatory expectations have tightened, making compliance management software a practical necessity. Public companies must disclose material cyber incidents within four business days of determining their materiality, while multiple state privacy laws have turned the audit season into a year-round demand for provable controls, policies, training, and vendor diligence. With the average global data‑breach cost at…

From Automation to Intelligence: How AI Is Rewriting GRC

There’s so much noise, hype, and rapid movement surrounding AI in GRC that it’s easy to get lost in the headlines.  That’s why we brought together two of the industry’s most respected security leaders—Diana Kelley, CISO at NOMA Security and former CTO at Microsoft, and SKI(Senthil Kumar Ayyapan), an award-winning GRC executive and CISO at…

GDPR For Small Businesses: A Quick Guide For 2026

TL;DR GDPR compliance for small businesses exempts them from its record-keeping requirements for data processing with a few criteria. GDPR requirements include processing data on a lawful basis, privacy by design and default, data security, accountability & governance, and privacy rights of data subjects. Complying with GDPR includes a 12-step checklist containing identifying and updating…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales