NIST AI Risk Management Framework

Home Documentation Get started

Home Documentation Get started

NIST AI Risk Management Framework
GRN 1: Risk Management Documentation
GRN 2: AI Organisation Structure
GRN 3: AI Internal Stakeholders
- GRN 3.1 - AI Risk Decisions Making
GRN 4: Organisational Commitments
GRN 5: Stakeholder Engagement
- GRN 5.1 - External Stakeholder Policies
- GRN 5.2 - Stakeholder Feedback Integration
GRN 6: Managing 3rd-Party Risk
- GRN 6.1 - 3rd Party Risk Policies
- GRN 6.2 - 3rd Party Contingency
MAP 1: AI Application Context
MAP 2: AI Application Classification
MAP 3: AI Benefits and Costs
MAP 4: 3rd-Party Risks and Benefits
- MAP 4.1 - Mapping 3rd-Party Risk
- MAP 4.2 - Internal Risk Controls for 3rd Party Risk
MAP 5: AI Impacts
MRE 1: Appropriate Methods and Metrics
MRE 2: Trustworthy Evaluation
MRE 3: Risk Tracking Mechanism
- MRE 3.1 - Risk Tracking and Management
- MRE 3.2 - Risk Tracking Assessments
MRE 4: Measurement Feedback
MGE 1: Managing AI Risk
MGE 2: Managing AI Benefits and Impacts
MGE 3: Managing 3rd-Party Risk
- MGE 3.1 - 3rd Party Risk are Managed
MGE 4: Reporting Risk Management
- MGE 4.1 - Post-Deployment Risk Management
- MGE 4.2 - Measurable Continuous Improvements

Powered by GitBook

On this page

GRN 6: Managing 3rd-Party Risk

PreviousGRN 5.2 - Stakeholder Feedback Integration NextGRN 6.1 - 3rd Party Risk Policies

Last updated 2 years ago

Policies and procedures are in place to address AI risks arising from third-party software and data and other supply chain issues.

Controls in this Seclea risk category contain:

GRN 6.1 - 3rd Party Risk Policies

GRN 6.2 - 3rd Party Contingency