How does NIST AI RMF apply to agent governance?

Answer

The NIST AI Risk Management Framework organizes AI governance into four functions: GOVERN (establish policies, roles, and accountability), MAP (identify and categorize AI risks), MEASURE (assess and monitor risks), and MANAGE (treat and mitigate risks). For agents: GOVERN maps to your organizational governance structure, MAP maps to pre-deployment risk assessment, MEASURE maps to runtime monitoring (drift detection, bias scanning, performance tracking), and MANAGE maps to intervention controls (kill switches, HITL gates, conditional access).