Reference

NIST AI RMF Mapping

How Beltic credentials map to NIST AI Risk Management Framework functions and categories.

Beltic credentials align with NIST AI Risk Management Framework (AI RMF) to support AI governance and risk management.

NIST AI RMF Overview

The NIST AI RMF defines 4 core functions:

GOVERN - Policies, processes, and oversight
MAP - Context, categorization, and risk identification
MEASURE - Testing, evaluation, and validation
MANAGE - Response, monitoring, and continuous improvement

Credential Field Mapping

GOVERN

Fields establishing accountability and governance:

DeveloperCredential:

legalName - Legal accountability
entityType - Organizational structure
incorporationJurisdiction - Regulatory context
kybTier - Verification level
sanctionsScreeningStatus - Compliance screening
overallRiskRating - Risk classification

AgentCredential:

agentId - Unique identifier for tracking
developerCredentialId - Developer accountability link
incidentResponseContact - Governance process
deprecationPolicy - Lifecycle management

MAP

Fields describing context and intended use:

AgentCredential:

agentDescription - Intended purpose
approvedUseCases - Authorized applications
prohibitedUseCases - Restrictions
dataCategoriesProcessed - Data context
toolsList - Capability inventory with risk categories
deploymentEnvironment - Technical context
ageRestrictions - User appropriateness

MEASURE

Fields tracking evaluation and testing:

AgentCredential:

harmfulContentRefusalScore - Safety testing
promptInjectionRobustnessScore - Security testing
toolAbuseRobustnessScore - Capability testing
piiLeakageRobustnessScore - Privacy testing
All benchmark metadata (name, version, date, source)
systemConfigFingerprint - Integrity verification

MANAGE

Fields supporting monitoring and response:

AgentCredential:

humanOversightMode - Control mechanism
failSafeBehavior - Risk mitigation
monitoringCoverage - Observability
updateCadence - Maintenance schedule
credentialStatus - Lifecycle state
revocationListUrl - Revocation capability

DeveloperCredential:

credentialStatus - Active/suspended/revoked
lastUpdatedDate - Freshness tracking
revocationListUrl - Accountability enforcement

Use Cases for Compliance

AI Governance Dashboard

Display NIST function coverage:

function getNISTCoverage(credential) {
  return {
    govern: {
      accountability: credential.legalName,
      verification: credential.kybTier,
      compliance: credential.sanctionsScreeningStatus
    },
    map: {
      purpose: credential.agentDescription,
      capabilities: credential.toolsList,
      restrictions: credential.prohibitedUseCases
    },
    measure: {
      safety: credential.harmfulContentRefusalScore,
      security: credential.promptInjectionRobustnessScore,
      privacy: credential.piiLeakageRobustnessScore
    },
    manage: {
      oversight: credential.humanOversightMode,
      monitoring: credential.monitoringCoverage,
      response: credential.incidentResponseContact
    }
  };
}

Regulatory Reporting

Generate NIST compliance reports:

const nistReport = {
  agent: credential.agentName,
  functions: {
    govern: ['KYB verification completed', 'Sanctions screening: clear'],
    map: ['Approved use cases documented', 'Risk taxonomy applied'],
    measure: ['Safety evaluation: 96/100', 'Security testing: 92/100'],
    manage: ['Human oversight enabled', 'Incident response configured']
  }
};

Beltic credentials also align with:

ISO/IEC 42001 - AI management system standard
EU AI Act - High-risk AI system requirements
OECD AI Principles - Responsible AI development

See Also

Evaluation Metrics

How safety and robustness scores are calculated and interpreted.

Error Codes

Complete reference of all error codes for validation, signature, and trust chain operations in the Beltic SDK.

On this page

NIST AI RMF Overview Credential Field Mapping GOVERN MAP MEASURE MANAGE Use Cases for Compliance AI Governance Dashboard Regulatory Reporting Related Frameworks See Also