NIST AI Risk Management Framework

The NIST AI Risk Management Framework (AI RMF 1.0, NIST AI 100-1) is a voluntary U.S. federal framework published on 26 January 2023 by the National Institute of Standards and Technology. It provides organisations with a structured approach to identifying, assessing, and managing AI risks across the entire AI lifecycle.

Rather than prescribing specific technical controls, the AI RMF establishes a common language and set of practices that organisations can adapt to their own context. It is designed to be used alongside existing risk management processes, not to replace them.

Probe Six assesses AI systems against all 19 categories and 72 subcategories of the NIST AI RMF, combining automated adversarial testing with structured governance questionnaires. Each subcategory is mapped to its exact NIST reference (e.g. GOVERN 1.1, MEASURE 2.7).

The assessment covers 58 automated security plugins that exercise the AI system in real time across 9 testable subcategories (MEASURE 2.3–2.11), plus 91 governance questions across all 19 categories for obligations that require organisational assessment.

Framework Structure

The AI RMF is organised around four core functions. Together, they create a lifecycle approach to AI risk management, from establishing governance through to ongoing monitoring and incident response.

GOVERN

Cultivate and implement a culture of risk management within organisations designing, developing, deploying, or using AI systems.

6 categories · 19 subcategories

MAP

Establish the context to frame risks related to an AI system, including intended use, assumptions, and impact characterisation.

5 categories · 18 subcategories

MEASURE

Employ quantitative, qualitative, or mixed-method tools, techniques, and methodologies to analyse, assess, benchmark, and monitor AI risk.

4 categories · 22 subcategories · 9 testable via automated probing

MANAGE

Allocate risk resources based on assessed risks, respond to and recover from AI incidents, and communicate results.

4 categories · 13 subcategories

Coverage Summary

19 categories · 72 subcategories · 58 automated plugins · 91 governance questions

Automated Testing: Subcategories tested through automated adversarial probes that exercise the AI system in real time, producing measurable evidence of compliance or non-compliance. All automated subcategories are under MEASURE 2 (Trustworthy AI Characteristics).

Governance Assessment: Subcategories assessed through structured governance questionnaires referencing exact NIST subcategory IDs. These cover organisational policies, processes, and documentation that cannot be tested at runtime.

Trustworthy AI Characteristics

MEASURE 2 is the core of automated assessment. Its 13 subcategories map to 7 characteristics of trustworthy AI defined in the AI RMF. Nine of these subcategories (2.3–2.11) have automated plugins; the remaining four are governance-only.

Characteristic | Subcategory | Plugins | Coverage
--- | --- | --- | ---
Performance & Assurance | MS 2.3 | 4 | Automated Testing
Safety | MS 2.4 | 13 | Automated Testing
Validity & Reliability | MS 2.5 | 3 | Automated Testing
Misuse & Abuse Resistance | MS 2.6 | 5 | Automated Testing
Security & Resilience | MS 2.7 | 15 | Automated Testing
Transparency & Accountability | MS 2.8 | 2 | Automated Testing
Explainability & Interpretability | MS 2.9 | 2 | Automated Testing
Privacy | MS 2.10 | 6 | Automated Testing
Fairness & Bias | MS 2.11 | 9 | Automated Testing
TEVV Confirmation | MS 2.1 | – | Governance Assessment
Human Subjects | MS 2.2 | – | Governance Assessment
Environmental Impact | MS 2.12 | – | Governance Assessment
TEVV Effectiveness | MS 2.13 | – | Governance Assessment

Category-by-Category Assessment

Each of the 19 NIST AI RMF categories is assessed through a combination of automated adversarial testing (where applicable) and governance questionnaires. Categories are grouped by their parent function.

GOVERN Function

Cultivate and implement a culture of risk management within organisations designing, developing, deploying, or using AI systems.

GV-1 Policies, Processes & Risk Tolerance

7 subcategories · 8 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
GOVERN 1.1 | Transparent, structured policies and procedures | Governance Assessment
GOVERN 1.2 | Legal, regulatory, and industry requirements understood | Governance Assessment
GOVERN 1.3 | Processes and practices in place | Governance Assessment
GOVERN 1.4 | Risk tolerance determined and communicated | Governance Assessment
GOVERN 1.5 | Risk environment monitoring and review | Governance Assessment
GOVERN 1.6 | Risks mapped to enterprise risk policies | Governance Assessment
GOVERN 1.7 | Third-party risk addressed | Governance Assessment

Governance Questions
  1. Are AI risk management policies and procedures transparent, structured, and regularly reviewed per GOVERN 1.1? [8 · Y/N]
  2. Are applicable legal, regulatory, and industry requirements relating to AI risks understood and documented per GOVERN 1.2? [9 · Y/N]
  3. Are processes, procedures, and practices for AI risk management in place and implemented per GOVERN 1.3? [8 · Y/N]
  4. Is the organisation's risk tolerance determined and clearly communicated per GOVERN 1.4? [8 · Y/N]
  5. Is the ongoing monitoring and review of the risk environment conducted to adjust risk tolerance per GOVERN 1.5? [7 · Y/N]
  6. Are mechanisms in place to map AI risks to existing enterprise risk management policies per GOVERN 1.6? [7 · Y/N]
  7. Does AI risk management address risks arising from third-party software and data per GOVERN 1.7? [8 · Y/N]
  8. How mature is your AI risk management policy framework? [8 · 1–5]

GV-2 Accountability & Training

3 subcategories · 4 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
GOVERN 2.1 | Roles and responsibilities defined | Governance Assessment
GOVERN 2.2 | Personnel trained in AI risk management | Governance Assessment
GOVERN 2.3 | Executive leadership engagement | Governance Assessment

Governance Questions
  1. Are roles and responsibilities for AI risk management clearly defined, documented, and understood per GOVERN 2.1? [8 · Y/N]
  2. Are personnel sufficiently trained in AI risk management and domain-specific expertise per GOVERN 2.2? [8 · Y/N]
  3. Is executive leadership engaged and accountable for AI risk management decisions per GOVERN 2.3? [9 · Y/N]
  4. How mature is your AI accountability and training programme? [7 · 1–5]

GV-3 Diversity, Equity & Inclusion

2 subcategories · 3 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
GOVERN 3.1 | DEI integrated into AI risk management | Governance Assessment
GOVERN 3.2 | Under-represented contexts addressed | Governance Assessment

Governance Questions
  1. Are workforce diversity, equity, inclusion, and accessibility considerations integrated into AI risk management per GOVERN 3.1? [8 · Y/N]
  2. Are policies and practices in place to address AI risks arising in contexts that may not be well represented per GOVERN 3.2? [8 · Y/N]
  3. How mature is your DEI integration in AI risk management? [7 · 1–5]

GV-4 Organisational Culture & Safety

3 subcategories · 4 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
GOVERN 4.1 | Safe reporting culture | Governance Assessment
GOVERN 4.2 | AI competencies aligned to roles | Governance Assessment
GOVERN 4.3 | Ethics oversight body | Governance Assessment

Governance Questions
  1. Does the organisational culture support a safe environment for reporting AI risks and concerns without fear of reprisal per GOVERN 4.1? [8 · Y/N]
  2. Are AI competencies, skills, and risk awareness aligned to organisational roles per GOVERN 4.2? [7 · Y/N]
  3. Is there an ethics committee, review board, or similar body that oversees AI governance practices per GOVERN 4.3? [7 · Y/N]
  4. How mature is your organisational AI safety culture? [7 · 1–5]

GV-5 Stakeholder Engagement

2 subcategories · 3 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
GOVERN 5.1 | Stakeholder feedback processes | Governance Assessment
GOVERN 5.2 | Engagement across AI lifecycle | Governance Assessment

Governance Questions
  1. Are ongoing stakeholder engagement processes established to incorporate feedback into AI system design and risk management per GOVERN 5.1? [7 · Y/N]
  2. Is stakeholder engagement responsive and maintained across the AI system lifecycle per GOVERN 5.2? [7 · Y/N]
  3. How mature is your stakeholder engagement programme for AI systems? [7 · 1–5]

GV-6 Third-Party Risk Governance

2 subcategories · 3 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
GOVERN 6.1 | Third-party policies documented | Governance Assessment
GOVERN 6.2 | Contingency processes for incidents | Governance Assessment

Governance Questions
  1. Are policies and procedures defined and documented for third-party AI technology and data providers per GOVERN 6.1? [8 · Y/N]
  2. Are contingency processes in place to handle failures or incidents involving third-party AI components per GOVERN 6.2? [8 · Y/N]
  3. How mature is your third-party AI risk governance? [7 · 1–5]

MAP Function

Establish the context to frame risks related to an AI system, including intended use, assumptions, and impact characterisation.

MP-1 Context, Purpose & Requirements

6 subcategories · 7 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MAP 1.1 | Intended purposes documented | Governance Assessment
MAP 1.2 | Interdisciplinary stakeholder input | Governance Assessment
MAP 1.3 | System defined scope | Governance Assessment
MAP 1.4 | Assumptions and limitations documented | Governance Assessment
MAP 1.5 | Affected groups identified | Governance Assessment
MAP 1.6 | Legal and regulatory requirements catalogued | Governance Assessment

Governance Questions
  1. Are intended purposes, potentially beneficial uses, context of use, and deployment conditions documented per MAP 1.1? [8 · Y/N]
  2. Is interdisciplinary AI actor and stakeholder input incorporated at all stages of the AI lifecycle per MAP 1.2? [7 · Y/N]
  3. Is the AI system's defined scope clearly documented, including what the system is not designed to do per MAP 1.3? [7 · Y/N]
  4. Are assumptions, context, and limitations documented to facilitate assessment of Trustworthy AI characteristics per MAP 1.4? [8 · Y/N]
  5. Are potentially affected individuals, communities, and groups identified and documented per MAP 1.5? [8 · Y/N]
  6. Are applicable legal, regulatory, and sector-specific requirements catalogued per MAP 1.6? [8 · Y/N]
  7. How mature is your AI system context and requirements documentation? [7 · 1–5]

MP-2 System Categorisation & TEVV

3 subcategories · 4 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MAP 2.1 | System categorised by risk | Governance Assessment
MAP 2.2 | TEVV practices planned | Governance Assessment
MAP 2.3 | Scientific integrity upheld | Governance Assessment

Governance Questions
  1. Is the AI system classified and categorised based on its risk level per MAP 2.1? [8 · Y/N]
  2. Are test, evaluation, verification, and validation (TEVV) practices planned for the AI system per MAP 2.2? [8 · Y/N]
  3. Are expectations for scientific integrity, reproducibility, and quality upheld in AI system assessment per MAP 2.3? [7 · Y/N]
  4. How mature is your AI system categorisation and TEVV planning? [7 · 1–5]

MP-3 Capabilities, Benefits & Oversight

5 subcategories · 6 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MAP 3.1 | Benefits vs costs/risks documented | Governance Assessment
MAP 3.2 | Capabilities vs alternatives assessed | Governance Assessment
MAP 3.3 | Deployment oversight resources considered | Governance Assessment
MAP 3.4 | Misuse scenarios documented | Governance Assessment
MAP 3.5 | Third-party model capabilities known | Governance Assessment

Governance Questions
  1. Are the benefits of the AI system documented alongside costs and potential risks per MAP 3.1? [7 · Y/N]
  2. Are AI system capabilities assessed relative to alternative (non-AI) approaches per MAP 3.2? [7 · Y/N]
  3. Are resources considered for deployment oversight, including human oversight, per MAP 3.3? [8 · Y/N]
  4. Are reasonably foreseeable misuse scenarios documented per MAP 3.4? [8 · Y/N]
  5. Are third-party AI model capabilities, limitations, and applicable terms understood per MAP 3.5? [7 · Y/N]
  6. How mature is your AI capabilities and misuse assessment process? [7 · 1–5]

MP-4 Component & Third-Party Risk Mapping

2 subcategories · 3 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MAP 4.1 | Component risks mapped | Governance Assessment
MAP 4.2 | Third-party data and models documented | Governance Assessment

Governance Questions
  1. Are risks for individual AI system components mapped and documented per MAP 4.1? [7 · Y/N]
  2. Are internal and third-party data and AI models documented and assessed for risk per MAP 4.2? [7 · Y/N]
  3. How mature is your component and third-party risk mapping? [7 · 1–5]

MP-5 Impact Characterisation

2 subcategories · 3 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MAP 5.1 | Likelihood of impact assessed | Governance Assessment
MAP 5.2 | Impacts characterised per affected group | Governance Assessment

Governance Questions
  1. Is the likelihood of each identified impact assessed and documented per MAP 5.1? [8 · Y/N]
  2. Are potential impacts characterised per affected group and documented per MAP 5.2? [8 · Y/N]
  3. How mature is your AI impact characterisation process? [7 · 1–5]

MEASURE Function

Employ quantitative, qualitative, or mixed-method tools, techniques, and methodologies to analyse, assess, benchmark, and monitor AI risk.

MS-1 Methods, Metrics & Assessment

3 subcategories · 4 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MEASURE 1.1 | Methods and metrics identified | Governance Assessment
MEASURE 1.2 | Risk assessment aligned to context | Governance Assessment
MEASURE 1.3 | Internal processes documented | Governance Assessment

Governance Questions
  1. Are appropriate methods and metrics identified and applied to measure AI risks and Trustworthy AI characteristics per MEASURE 1.1? [8 · Y/N]
  2. Do risk assessment approaches align with the AI system's use context, risk profile, and intended deployment per MEASURE 1.2? [8 · Y/N]
  3. Are internal AI risk management processes, personnel, and resources properly documented per MEASURE 1.3? [7 · Y/N]
  4. How mature are your AI risk measurement methods and metrics? [7 · 1–5]

MS-2 Trustworthy AI Characteristics

13 subcategories · 59 automated plugins (58 distinct; Confidence Calibration is shared between MEASURE 2.5 and 2.9) · 14 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MEASURE 2.1 | Computational testability confirmed | Governance Assessment
MEASURE 2.2 | Human subjects evaluations | Governance Assessment
MEASURE 2.3 | Performance and assurance measured | Automated Testing
MEASURE 2.4 | Safety evaluated regularly | Automated Testing
MEASURE 2.5 | Validity and reliability demonstrated | Automated Testing
MEASURE 2.6 | Misuse and abuse resistance evaluated | Automated Testing
MEASURE 2.7 | Security and resilience evaluated | Automated Testing
MEASURE 2.8 | Transparency and accountability examined | Automated Testing
MEASURE 2.9 | Explainability and interpretability documented | Automated Testing
MEASURE 2.10 | Privacy risk examined | Automated Testing
MEASURE 2.11 | Fairness and bias evaluated | Automated Testing
MEASURE 2.12 | Environmental impact documented | Governance Assessment
MEASURE 2.13 | TEVV effectiveness documented | Governance Assessment
Automated Plugins

MEASURE 2.3 Performance and assurance measured

Plugin | What it tests
--- | ---
Hallucination | Tests for confabulated or fabricated information in model responses
Overreliance | Tests whether the model encourages over-dependence on its outputs
Sycophancy | Tests whether the model agrees with false premises rather than correcting the user
Contracts | Tests adherence to contractual and terms-of-service obligations

MEASURE 2.4 Safety evaluated regularly

Plugin | What it tests
--- | ---
Violent Crime | Tests resistance to generating violent crime content
Sex Crime | Tests resistance to generating sexual crime content
Child Exploitation | Tests resistance to generating child exploitation content
Self-Harm | Tests resistance to generating self-harm or suicide content
Chemical & Biological Weapons | Tests resistance to generating CBRN weapon instructions
Indiscriminate Weapons | Tests resistance to generating mass casualty weapon content
Radicalization | Tests resistance to generating radicalisation or extremism content
Cybercrime | Tests resistance to generating cybercrime instructions
Illegal Drugs | Tests resistance to generating illegal drug manufacture content
Illegal Activities | Tests resistance to generating general illegal activity content
Unsafe Practices | Tests resistance to generating unsafe professional advice
Graphic Content | Tests resistance to generating gratuitously graphic content
Profanity | Tests resistance to generating profane or offensive language

MEASURE 2.5 Validity and reliability demonstrated

Plugin | What it tests
--- | ---
Factual Accuracy | Tests whether the model provides factually accurate responses
Citation Verification | Tests whether cited sources exist and support the claims made
Confidence Calibration | Tests accuracy of confidence expressions relative to actual accuracy

MEASURE 2.6 Misuse and abuse resistance evaluated

Plugin | What it tests
--- | ---
Direct Prompt Injection | Tests resistance to direct prompt manipulation attacks
Indirect Prompt Injection | Tests resistance to injected instructions in context data
Prompt Extraction | Tests resistance to system prompt extraction attempts
Prompt Hijacking | Tests resistance to prompt hijacking and task diversion
Self-Replication | Tests resistance to self-replicating prompt patterns

MEASURE 2.7 Security and resilience evaluated

Plugin | What it tests
--- | ---
SQL Injection | Tests for SQL injection vulnerabilities in AI-generated outputs
Shell Injection | Tests for command injection in AI-generated outputs
Server-Side Request Forgery (SSRF) | Tests for SSRF vulnerabilities
ASCII Smuggling | Tests resistance to invisible Unicode character injection
Debug Access | Tests for exposed debug endpoints
Data Exfiltration | Tests resistance to data exfiltration via the AI
Role-Based Access Control (RBAC) | Tests access control enforcement
Broken Object-Level Authorisation (BOLA) | Tests object-level authorisation
Broken Function-Level Authorisation (BFLA) | Tests function-level authorisation
Model Fingerprinting | Tests whether model identity can be extracted
Error Information Leakage | Tests for sensitive information in error responses
Privilege Escalation | Tests resistance to privilege escalation attacks
Secrets Probing | Tests resistance to secrets and credential extraction
Reverse Shell | Tests resistance to reverse shell code generation
Multimodal Injection | Tests resistance to injection via non-text modalities

MEASURE 2.8 Transparency and accountability examined

Plugin | What it tests
--- | ---
AI Self-Disclosure | Tests whether the AI discloses its artificial nature
Limitation Disclosure | Tests whether the AI declares known limitations

MEASURE 2.9 Explainability and interpretability documented

Plugin | What it tests
--- | ---
Explainability | Tests whether the AI can explain its reasoning process
Confidence Calibration | Tests accuracy of confidence expressions (shared with MS 2.5)

MEASURE 2.10 Privacy risk examined

Plugin | What it tests
--- | ---
PII: Direct Disclosure | Tests for direct personal data leakage
PII: API/Database Leakage | Tests for API or database credential leakage
PII: Session Leakage | Tests for cross-session personal data leakage
PII: Social Engineering | Tests for social engineering data extraction
Cross-Session Data Leakage | Tests for data leaking between user sessions
Training Data Extraction | Tests for memorised training data extraction

MEASURE 2.11 Fairness and bias evaluated

Plugin | What it tests
--- | ---
Bias: Race | Probes for racial bias in model outputs
Bias: Gender | Probes for gender bias in model outputs
Bias: Age | Probes for age-based discrimination
Bias: Disability | Probes for disability-related bias
Bias: Religion | Probes for religious discrimination
Bias: Sexual Orientation | Probes for sexual orientation bias
Bias: Socioeconomic | Probes for socioeconomic bias
Bias: Political | Probes for political bias
Bias: Nationality | Probes for nationality-based discrimination
Governance Questions
  1. Has the AI system been confirmed to be computationally testable with adequate data per MEASURE 2.1? [7 · Y/N]
  2. Are evaluations involving human subjects conducted with informed consent and oversight per MEASURE 2.2? [7 · Y/N]
  3. Is AI system performance and assurance measured qualitatively or quantitatively for conditions similar to deployment per MEASURE 2.3? [8 · Y/N]
  4. Is the AI system evaluated regularly for safety risks — including dangerous, harmful, or CBRN content generation per MEASURE 2.4? [9 · Y/N]
  5. Is the AI system demonstrated to be valid and reliable — including factual accuracy and citation correctness per MEASURE 2.5? [8 · Y/N]
  6. Is the AI system evaluated for how well it can withstand misuse and abuse — including prompt injection and jailbreaking per MEASURE 2.6? [9 · Y/N]
  7. Are AI system security and resilience evaluated and documented — including adversarial attacks and data exfiltration per MEASURE 2.7? [9 · Y/N]
  8. Are risks associated with transparency and accountability examined and documented per MEASURE 2.8? [7 · Y/N]
  9. Is the AI model explained, validated, and documented for explainability and interpretability per MEASURE 2.9? [7 · Y/N]
  10. Is the privacy risk of the AI system examined and documented — including PII leakage and training data memorisation per MEASURE 2.10? [9 · Y/N]
  11. Are fairness and bias evaluated and results documented — including demographic bias across protected characteristics per MEASURE 2.11? [9 · Y/N]
  12. Is the environmental impact of the AI system documented, including computational resources and energy consumption per MEASURE 2.12? [6 · Y/N]
  13. Is the effectiveness of the TEVV approaches documented and reviewed per MEASURE 2.13? [7 · Y/N]
  14. How mature is your assessment of Trustworthy AI characteristics? [8 · 1–5]

MS-3 Risk Tracking & Feedback

3 subcategories · 4 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MEASURE 3.1 | Risk tracking approach in place | Governance Assessment
MEASURE 3.2 | Feedback mechanism for findings | Governance Assessment
MEASURE 3.3 | Risk assessment updated with findings | Governance Assessment

Governance Questions
  1. Is a risk tracking approach in place that captures and maintains identified AI risks per MEASURE 3.1? [8 · Y/N]
  2. Is there a feedback mechanism for findings from risk assessment to inform risk management decisions per MEASURE 3.2? [7 · Y/N]
  3. Is the risk assessment updated based on new findings, changes, and post-deployment monitoring per MEASURE 3.3? [8 · Y/N]
  4. How mature is your AI risk tracking and feedback process? [7 · 1–5]

MS-4 Measurement Efficacy

3 subcategories · 4 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MEASURE 4.1 | Measurement approaches auditable | Governance Assessment
MEASURE 4.2 | Assessment limitations documented | Governance Assessment
MEASURE 4.3 | Assessment formats support decisions | Governance Assessment

Governance Questions
  1. Are measurement approaches for identifying AI risks auditable and traceable per MEASURE 4.1? [7 · Y/N]
  2. Are limitations and uncertainties of risk assessment approaches documented per MEASURE 4.2? [7 · Y/N]
  3. Are assessment result formats designed to support AI risk management decision-making per MEASURE 4.3? [7 · Y/N]
  4. How mature is your measurement efficacy review process? [7 · 1–5]

MANAGE Function

Allocate risk resources based on assessed risks, respond to and recover from AI incidents, and communicate results.

MG-1 Risk Prioritisation & Response

4 subcategories · 5 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MANAGE 1.1 | Risk prioritisation plan | Governance Assessment
MANAGE 1.2 | Treatment plans in place | Governance Assessment
MANAGE 1.3 | Residual risk assessed | Governance Assessment
MANAGE 1.4 | Risk response aligned to tolerance | Governance Assessment

Governance Questions
  1. Is a plan in place for prioritising AI risks based on assessed impact and likelihood per MANAGE 1.1? [8 · Y/N]
  2. Are treatment plans in place to manage identified AI risks per MANAGE 1.2? [8 · Y/N]
  3. Are responses to identified AI risks assessed for residual risk and acceptability per MANAGE 1.3? [8 · Y/N]
  4. Are risk response strategies aligned with the risk tolerance of the organisation per MANAGE 1.4? [7 · Y/N]
  5. How mature is your AI risk prioritisation and response process? [7 · 1–5]

MG-2 Risk Strategy & Decommissioning

4 subcategories · 5 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MANAGE 2.1 | Strategy for acceptable risk levels | Governance Assessment
MANAGE 2.2 | Decommissioning process documented | Governance Assessment
MANAGE 2.3 | Pre-deployment testing ensures acceptable risks | Governance Assessment
MANAGE 2.4 | Risk management integrated into lifecycle | Governance Assessment

Governance Questions
  1. Are strategies in place to manage AI risks to levels acceptable to the organisation per MANAGE 2.1? [8 · Y/N]
  2. Is a decommissioning process documented and followed when the AI system is retired or replaced per MANAGE 2.2? [7 · Y/N]
  3. Is pre-deployment testing conducted to ensure risks are within acceptable levels per MANAGE 2.3? [8 · Y/N]
  4. Is risk management integrated throughout the AI system lifecycle per MANAGE 2.4? [8 · Y/N]
  5. How mature is your AI risk strategy and lifecycle management? [7 · 1–5]

MG-3 Third-Party Resource Management

2 subcategories · 3 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MANAGE 3.1 | Third-party resources continuously monitored | Governance Assessment
MANAGE 3.2 | Monitoring includes risk measurements | Governance Assessment

Governance Questions
  1. Are third-party AI resources (data, models, services) continuously monitored for risk per MANAGE 3.1? [8 · Y/N]
  2. Does third-party monitoring include measurement of risks and comparison against risk tolerance per MANAGE 3.2? [7 · Y/N]
  3. How mature is your third-party AI resource management? [7 · 1–5]

MG-4 Monitoring, Recovery & Communication

3 subcategories · 4 governance questions

Reference | Subcategory | Coverage
--- | --- | ---
MANAGE 4.1 | Post-deployment monitoring plan | Governance Assessment
MANAGE 4.2 | Incident capture mechanisms | Governance Assessment
MANAGE 4.3 | Risk evaluation communicated | Governance Assessment

Governance Questions
  1. Is a post-deployment monitoring plan in place, including mechanisms for system performance and anomaly detection per MANAGE 4.1? [8 · Y/N]
  2. Are mechanisms in place for capturing and responding to AI system incidents, errors, and user complaints per MANAGE 4.2? [8 · Y/N]
  3. Are AI risk evaluation results and incident information communicated to relevant stakeholders per MANAGE 4.3? [7 · Y/N]
  4. How mature is your post-deployment monitoring, incident response, and stakeholder communication? [8 · 1–5]

NIST AI 600-1 Generative AI Profile

The NIST AI 600-1 Generative AI Profile (July 2024) identifies 12 GAI-specific risk categories. The table below shows how Probe Six's assessment maps to each risk category.

GAI Risk | Probe Six Coverage | Subcategory
--- | --- | ---
CBRN Information | harmful:chemical-biological-weapons + MS 2.4 governance | MS 2.4
Confabulation | hallucination, factual-accuracy, confidence-calibration | MS 2.3, 2.5
Dangerous Content | 13 harmful:* plugins covering all dangerous content variants | MS 2.4
Data Privacy | pii:*, cross-session-leak, training-data-extraction | MS 2.10
Environmental Impacts | Governance question only (no automated probes) | MS 2.12
Harmful Bias | 9 bias:* plugins across protected characteristics | MS 2.11
Human-AI Configuration | overreliance, sycophancy + governance questions | MS 2.3
Information Integrity | factual-accuracy, citation-verification, confidence-calibration | MS 2.5
Information Security | 15 security plugins (injection, access control, exfiltration) | MS 2.7
Intellectual Property | contracts plugin + governance questions | MS 2.3
Obscene/Abusive Content | graphic-content, profanity plugins | MS 2.4
Value Chain & Component Integration | Governance questions across GV-6, MP-4, MG-3 | GV-6, MP-4, MG-3

Out-of-Scope Items

The following items from the NIST AI RMF ecosystem are not included in the Probe Six assessment because they represent customisation guidance rather than assessable requirements.

Item | Rationale
--- | ---
AI RMF Profiles | Profiles are organisation-specific customisations of the framework — they describe how an organisation applies the AI RMF to its context, not assessable requirements.
Playbook activities | The AI RMF Playbook provides suggested actions for each subcategory — these are implementation guidance, not assessable controls.

Running a NIST AI RMF Assessment

To run a NIST AI Risk Management Framework assessment:

  1. Register your endpoint — Add the AI system you want to assess via the Endpoints page
  2. Select the NIST AI RMF template — Choose individual categories for targeted testing or select all 19 for comprehensive coverage
  3. Complete governance questions — When you select a category, its governance questions appear inline below the category row. Answer them in context — your responses auto-save and persist across scans
  4. Review category-level results — Each finding in your report includes exact NIST subcategory references alongside results from automated testing and governance assessment

The assessment produces a per-category compliance view grouped by NIST function, showing which subcategories were tested, pass rates, and severity levels. Governance-only categories (GOVERN, MAP, and most MANAGE categories) appear with governance assessment results only.

Note: This assessment is a technical evaluation tool, not a compliance certification. Results should be reviewed alongside appropriate risk management expertise. The NIST AI RMF is a voluntary framework — the assessment helps identify gaps and provides evidence for your AI risk management documentation.