---
title: NIST AI RMF, AI Agent Compliance Coverage
description: How ZioSec evidence satisfies NIST AI RMF. Control-by-control mapping with coverage type, supporting evidence, and out-of-scope items.
url: https://ziosec.com/ai-compliance/nist-ai-rmf
about: NIST AI RMF
authority: US Dept of Commerce / NIST
reference: AI 100-1
---

# NIST AI RMF

Standard 02 of 05. Voluntary, De Facto Benchmark.

A voluntary framework structured around GOVERN, MAP, MEASURE, MANAGE. The GenAI Profile extends RMF to LLMs and agents.

## At a glance

- **Released:** v1.0 Jan 2023; GenAI Profile July 2024
- **Adoption:** De Facto Benchmark
- **Functions:** GOVERN, MAP, MEASURE, MANAGE
- **Procurement:** Increasingly required in US federal AI procurement

## Control-level coverage

Where ZioSec evidence satisfies NIST AI RMF:

- **GV-1.4 Risk-Management Process Established** (Supporting)
  - Obligation: Documented, repeatable processes for AI risk management.
  - ZioSec capability: Process-In-A-Box
  - Coverage: Containerized deployment ships with an opinionated, repeatable risk testing process out of the box.
  - Evidence: Process documentation; Repeatable test runs

- **MP-2.3 AI Capabilities and Limits Documented** (Full)
  - Obligation: System capabilities, limitations, and intended uses are documented with sufficient specificity.
  - ZioSec capability: Capability Mapping
  - Coverage: Pentest scoping discovers actual agent capabilities (tools, data access, autonomy level) and validates them against documented intent.
  - Evidence: Capability inventory; Tool-access surface map

- **MP-5.1 Likelihood and Impact of Risks Assessed** (Full)
  - Obligation: Likelihood and magnitude of risks (including malicious use) are assessed.
  - ZioSec capability: Adversary Simulation
  - Coverage: Empirical likelihood data from real attack simulations replaces guesswork in risk assessments.
  - Evidence: Exploit success rates; Attack chain analysis

- **MS-1.1 Approaches and Metrics Identified** (Full)
  - Obligation: Quantitative and qualitative measures for trustworthy AI characteristics are identified.
  - ZioSec capability: OWASP / MITRE Mapping
  - Coverage: Findings mapped to OWASP LLM Top 10, OWASP Agentic Top 10, and MITRE ATLAS.
  - Evidence: OWASP Top 10 mapping; MITRE ATLAS mapping; Quantitative scores

- **MS-2.6 AI System Security and Resilience Evaluated** (Full)
  - Obligation: System is regularly evaluated for security vulnerabilities and resilience to adversarial attacks.
  - ZioSec capability: This Is The Job
  - Coverage: Continuous adversarial probing across thousands of vulnerability pathways. Direct fulfillment of MS-2.6.
  - Evidence: Continuous test cadence; Vulnerability findings; Resilience benchmarks

- **MS-2.7 Privacy Risk Tested** (Full)
  - Obligation: Privacy risks of the AI system are documented and tested.
  - ZioSec capability: PII Exfiltration Suite
  - Coverage: Specific test category for membership inference, training data extraction, and PII leakage.
  - Evidence: Privacy attack reports; Inference test results

- **MG-2.4 Mechanisms to Supersede or Deactivate** (Full)
  - Obligation: Mechanisms exist to supersede, disengage, or deactivate AI systems.
  - ZioSec capability: Containerized Kill-Switch
  - Coverage: Deployment architecture provides per-agent isolation and immediate deactivation; tested as part of every engagement.
  - Evidence: Kill-switch validation; Isolation tests

- **MG-3.2 Pre-Deployment Adversarial Testing (GenAI Profile)** (Full)
  - Obligation: Generative AI systems undergo structured pre-deployment red-teaming.
  - ZioSec capability: Pre-Deployment Gates
  - Coverage: ZioSec serves as the pre-deployment gate, with structured red-teaming aligned to the GenAI Profile.
  - Evidence: Red-team reports; Pre-deployment sign-off

## Customer-owned (out of scope)

These obligations are part of NIST AI RMF, but a pentest cannot satisfy them. They live with your governance, legal, and product teams.

- **GV-1.1 Legal and Regulatory Requirements Understood** (Out of scope: customer-owned)
  - Obligation: Legal, regulatory, and other obligations relevant to AI are documented.
  - ZioSec capability: Customer Governance Fills
  - Coverage: Legal mapping and regulatory tracking are owned by Legal and Compliance.
  - Evidence: Owned by Legal / Compliance

- **GV-3.2 Roles and Responsibilities Established** (Out of scope: customer-owned)
  - Obligation: Roles, responsibilities, and lines of communication for AI risk management are documented.
  - ZioSec capability: Customer Governance Fills
  - Coverage: Org chart definition and RACI matrices are organizational design owned by leadership.
  - Evidence: Owned by Leadership / HR

- **MS-2.11 Fairness and Bias Evaluated** (Out of scope: customer-owned)
  - Obligation: Fairness and bias are measured and addressed throughout the lifecycle.
  - ZioSec capability: Customer Governance Fills
  - Coverage: Fairness and bias evaluation requires demographic data and ethics review not produced by offensive testing.
  - Evidence: Owned by Responsible AI / Data Science

## Crosswalk available

Get the RMF crosswalk for your agents.

We will map your agents to the four RMF functions and the twelve GenAI Profile risk categories.

What you receive:

- Per-subcategory coverage map
- GenAI Profile risk register
- OWASP and MITRE crosswalk
- Pre-deployment gate template
- Procurement Q&A pack
- Federal contract briefing

Email info@ziosec.com (subject: NIST RMF Crosswalk) or open the cross-framework matrix at https://ziosec.com/ai-compliance/matrix.