L8.1.2 — NIST AI RMF Profiles: GenAI, secure software, sector-specific
Type: Theory · Duration: ~5 min · Status: Mandatory · Module: Module 8 — AI Governance, Risk & Compliance · Framework tags: NIST AI RMF (Profiles)
Learning objectives
- Define what a NIST AI RMF Profile is and recognize the GenAI Profile (NIST AI 600-1) as the most-cited.
- Identify when a sector-specific profile applies and where to look for emerging profiles.
Core content
What a Profile is
A NIST AI RMF Profile is a tailored application of the framework to a specific use case, sector, or system type. The base RMF 1.0 is general-purpose; Profiles overlay it with use-case-specific guidance — additional risks, additional controls, additional measurement criteria.
Profiles are NIST's mechanism for keeping a stable framework while adapting to fast-moving subdomains. Rather than amending RMF 1.0 every time a new AI risk emerges, NIST publishes a Profile.
The GenAI Profile (NIST AI 600-1, July 2024)
As of 2026 this is the most-adopted Profile. It adds generative-AI-specific risks and controls on top of the base RMF, organized into twelve risk categories:
- CBRN information (chemical/biological/radiological/nuclear uplift)
- Confabulation (a.k.a. hallucination)
- Dangerous, violent, hateful content
- Data privacy
- Environmental impacts
- Harmful bias and homogenization
- Human-AI configuration (over-reliance, automation bias)
- Information integrity (mis/dis-information)
- Information security
- Intellectual property
- Obscene, degrading, abusive content
- Value chain and component integration
For each category, the Profile specifies how to Govern, Map, Measure, and Manage it: concrete control suggestions, measurement criteria, and governance considerations.
If you ship a generative-AI feature, this Profile is the most-cited single document by buyers / auditors / customer security teams. Working knowledge of the twelve categories is necessary.
When sector-specific Profiles apply
NIST has published or is developing sector-specific Profiles for:
- Financial services (in development as of 2025-2026).
- Healthcare (signals around HIPAA + AI Profile work).
- Critical infrastructure (signals around CISA + NIST collaboration).
- Government/federal (multiple agency-specific guidance documents that effectively act as Profiles).
Beyond NIST, industry-body profiles also emerge:
- Financial Services Information Sharing & Analysis Center (FS-ISAC) AI guidance.
- Healthcare Information Trust Alliance (HITRUST) AI risk framework.
- Cloud Security Alliance AI Controls Matrix.
These are pseudo-profiles that map to NIST RMF and add sector-specific obligations.
When to use a Profile
Three triggers:
- You're building a generative-AI product → GenAI Profile (NIST AI 600-1). Always.
- You're shipping to a regulated sector → sector-specific Profile (or industry-body equivalent). Maps additional regulatory obligations.
- You're a federal contractor → check agency-specific guidance for that contract; treat as a Profile.
Operational adoption
For each Profile applicable to your stack:
- Map your controls (from the control library, L8.1.1) to the Profile's categories.
- Identify gaps. Each gap becomes a roadmap item.
- Cite the Profile explicitly in your governance reporting.
The mapping artifact is a deliverable. Customers and auditors will ask for "your NIST AI 600-1 Profile mapping" by name.
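As an added example (not the course's own tooling, and not the L8.1.1 control library): a small Python script that builds the NIST AI 600-1 mapping artifact from a control library and lists every uncovered category as a gap. The control library, its ids and names are constructed for illustration.

```python
# The twelve NIST AI 600-1 (GenAI Profile) risk categories, in Profile order.
GENAI_RISK_CATEGORIES = (
    "CBRN information", "Confabulation", "Dangerous, violent, hateful content",
    "Data privacy", "Environmental impacts", "Harmful bias and homogenization",
    "Human-AI configuration", "Information integrity", "Information security",
    "Intellectual property", "Obscene, degrading, abusive content",
    "Value chain and component integration",
)

# Constructed sample control library: ids and names are hypothetical, not the
# course's L8.1.1 library. Each control lists the Profile categories it addresses.
CONTROL_LIBRARY = [
    {"id": "CTL-01", "name": "Retrieval grounding with source citations",
     "categories": ["Confabulation", "Information integrity"]},
    {"id": "CTL-02", "name": "PII redaction on prompts and outputs",
     "categories": ["Data privacy"]},
    {"id": "CTL-03", "name": "Pre-release prompt-injection test suite",
     "categories": ["Information security"]},
    {"id": "CTL-04", "name": "Model and dataset provenance attestations",
     "categories": ["Value chain and component integration", "Intellectual property"]},
    {"id": "CTL-05", "name": "Content-safety classifier on generations",
     "categories": ["Dangerous, violent, hateful content", "Obscene, degrading, abusive content"]},
    {"id": "CTL-06", "name": "Human review gate for high-impact actions",
     "categories": ["Human-AI configuration"]},
]

def build_profile_mapping(controls, categories=GENAI_RISK_CATEGORIES):
    """Map each Profile category to the ids of the controls that cover it.
    A control citing a category outside the Profile is a data error: fail loudly."""
    mapping = {cat: [] for cat in categories}
    for ctl in controls:
        for cat in ctl["categories"]:
            if cat not in mapping:
                raise ValueError(f"{ctl['id']} references unknown category {cat!r}")
            mapping[cat].append(ctl["id"])
    return mapping

def find_gaps(mapping):
    """Categories with no covering control; each one becomes a roadmap item."""
    return [cat for cat, ids in mapping.items() if not ids]

def render_mapping_table(mapping):
    """Markdown table: the mapping artifact handed to customers and auditors."""
    rows = ["| NIST AI 600-1 category | Controls | Status |", "|---|---|---|"]
    for cat, ids in mapping.items():
        status = "covered" if ids else "GAP (roadmap item)"
        rows.append(f"| {cat} | {', '.join(ids) or '-'} | {status} |")
    return "\n".join(rows)
```

With the sample library, three categories (CBRN information, environmental impacts, harmful bias and homogenization) come back as gaps, which is exactly the list that should feed the roadmap.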
What's coming
By 2026 the Profile landscape has expanded substantially. Expect Profiles for: agentic AI specifically (in development), multimodal systems, code-generation systems, AI in critical national infrastructure. Each new Profile adds vocabulary and obligations.
The AI security engineer's job is to track the Profile landscape relevant to their stack — quarterly review at minimum.
Real-world example
The OpenAI System Cards for their major releases explicitly map their disclosed risks to NIST AI 600-1 categories. Anthropic's Responsible Scaling Policy implicitly does the same. The Profile has become a shared vocabulary for the industry, making cross-vendor risk comparison possible.
Key terms
- NIST AI RMF Profile — tailored framework application for a use case / sector / system type.
- GenAI Profile (NIST AI 600-1) — the most-cited Profile in 2026.
- Sector-specific Profile — emerging Profiles for financial, healthcare, critical infrastructure, etc.
References
- NIST AI 600-1 (GenAI Profile, July 2024) — https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.600-1.pdf
- NIST AI RMF Resource Center (Profile catalog).
- FS-ISAC AI guidance; HITRUST AI; CSA AI Controls Matrix.
Quiz items
- Q: What's a NIST AI RMF Profile and how does it relate to the base RMF? A: A tailored application of the framework to a specific use case, sector, or system type. Overlays the base RMF 1.0 with use-case-specific risks, controls, and measurement criteria. The mechanism for keeping a stable framework while adapting to fast-moving subdomains.
- Q: Name three of the twelve GenAI Profile risk categories. A: Any three of: CBRN information, confabulation, dangerous/violent/hateful content, data privacy, environmental impacts, harmful bias, human-AI configuration, information integrity, information security, IP, obscene/abusive content, value chain and component integration.
- Q: When should you reach for the GenAI Profile (NIST AI 600-1)? A: When building any generative-AI product. It's the most-cited single document by buyers, auditors, customer security teams.
Video script (~600 words, ~4.5 min)
[SLIDE 1 — Title]
NIST AI RMF Profiles. GenAI, secure software, sector-specific. Five minutes.
[SLIDE 2 — What a Profile is]
A NIST AI RMF Profile is a tailored application of the framework to a specific use case, sector, or system type. Base RMF 1.0 is general-purpose. Profiles overlay it with use-case-specific guidance — additional risks, additional controls, additional measurement criteria.
Profiles are NIST's mechanism for keeping a stable framework while adapting to fast-moving subdomains. Rather than amending RMF 1.0 every time a new AI risk emerges, NIST publishes a Profile.
[SLIDE 3 — GenAI Profile overview]
NIST AI 600-1, the GenAI Profile, published July 2024. The most-adopted Profile in twenty-twenty-six. Adds generative-AI-specific risks and controls on top of base RMF. Twelve risk categories. CBRN information — chemical, biological, radiological, nuclear uplift. Confabulation, also known as hallucination. Dangerous, violent, hateful content. Data privacy. Environmental impacts. Harmful bias and homogenization. Human-AI configuration — over-reliance, automation bias. Information integrity — mis and dis-information. Information security. Intellectual property. Obscene, degrading, abusive content. Value chain and component integration.
For each, the Profile specifies how to Govern, Map, Measure, Manage. Concrete control suggestions, measurement criteria, governance considerations.
[SLIDE 4 — Why GenAI Profile matters]
If you ship a generative-AI feature, this Profile is the most-cited single document by buyers, auditors, customer security teams. Working knowledge of the twelve categories is necessary.
[SLIDE 5 — Sector-specific Profiles]
Sector-specific Profiles. NIST has published or is developing for financial services, in development as of twenty-twenty-five and twenty-twenty-six. Healthcare — signals around HIPAA plus AI Profile work. Critical infrastructure — CISA plus NIST collaboration. Government and federal — multiple agency-specific guidance documents.
Beyond NIST, industry-body profiles also emerge. FS-ISAC AI guidance. HITRUST AI risk framework. Cloud Security Alliance AI Controls Matrix. These are pseudo-profiles that map to NIST RMF and add sector-specific obligations.
[SLIDE 6 — When to use a Profile]
Three triggers. You're building a generative-AI product: GenAI Profile, always. You're shipping to a regulated sector: sector-specific Profile or industry-body equivalent — maps additional regulatory obligations. You're a federal contractor: check agency-specific guidance for that contract; treat as a Profile.
[SLIDE 7 — Operational adoption]
For each Profile applicable to your stack. Map your controls — from the control library — to the Profile's categories. Identify gaps. Each gap becomes a roadmap item. Cite the Profile explicitly in your governance reporting.
The mapping artifact is a deliverable. Customers and auditors will ask for "your NIST AI 600-1 Profile mapping" by name.
[SLIDE 8 — What's coming + up next]
By twenty-twenty-six the Profile landscape has expanded substantially. Expect Profiles for agentic AI specifically — in development — multimodal systems, code-generation systems, AI in critical national infrastructure. Each new Profile adds vocabulary and obligations.
AI security engineer's job: track the Profile landscape relevant to your stack. Quarterly review at minimum.
Next lesson: EU AI Act compliance program design. Five minutes. See you there.
Slide outline
- Title — "NIST AI RMF Profiles".
- What a Profile is — base RMF + overlay diagram.
- GenAI Profile — 12-category grid.
- Why it matters — pull-quote: "most-cited single document by buyers/auditors/customer security."
- Sector-specific — sector icons (finance, healthcare, critical infra, fed).
- When to use — three-trigger flowchart.
- Operational adoption — three-step process.
- What's coming + up next — Profile roadmap + L8.2.1 pointer.
Production notes
- Recording: ~4.5 min. Cap 5.
- Slide 3 (12-category grid) will be screenshot-shared; design as a clean reference card.