Security leaders keep asking a version of the same question: "We finally aligned to NIST CSF 2.0 — do we now need a whole second framework for AI?" The answer is no. The NIST AI Risk Management Framework (AI RMF 1.0) isn't a rival program; it's a specialized lens that plugs into the program you already run. Knowing where it plugs in is the whole trick.
Two frameworks, two questions
CSF 2.0 asks: is your security program functioning? Six functions — Govern, Identify, Protect, Detect, Respond, Recover — applied to everything you operate.
AI RMF asks: are the AI systems you build or buy trustworthy? Four functions — Govern, Map, Measure, Manage — applied to each AI system across its lifecycle, and judged against the framework's seven trustworthiness characteristics: valid and reliable; safe; secure and resilient; accountable and transparent; explainable and interpretable; privacy-enhanced; and fair, with harmful bias managed.
Where they connect
| AI RMF function | Plugs into your CSF program as… |
|---|---|
| Govern | An extension of CSF GV: AI added to risk appetite, policy suite, and board reporting; AI vendors added to supply-chain risk (GV.SC) |
| Map | An extension of ID: your asset inventory grows an AI system inventory — models, AI features in vendor products, and the data each one touches |
| Measure | New muscle: performance, bias, and drift testing on a cadence — the AI equivalent of control testing, feeding the same evidence discipline |
| Manage | Extensions of PR/DE/RS: access controls around models and training data, monitoring for misuse and drift, and AI-specific scenarios in your incident response plan |
What this means practically
Don't stand up a parallel committee
Your existing risk governance owns AI risk. Add AI as a standing dimension of the quarterly packet — inventory count, top risks, exceptions — rather than inventing a new reporting universe that will starve within a year.
Start with Map, not Measure
Organizations jump to bias testing before they can list their AI systems. The sequencing that works mirrors CSF adoption: inventory first (including shadow AI), tier by impact, then measure the top tier.
Reuse your evidence discipline
If your CSF program taught you anything, it's that maturity equals cadence plus evidence. AI RMF rewards exactly the same behavior: documented model inventories, dated vendor assessments, test results with owners. Auditors and examiners increasingly accept — and expect — the two frameworks presented as one integrated story.
The one-page integration
Add an "AI" column to your existing CSF control map. For each function, note the AI-specific additions this article describes. That single artifact — most clients' versions fit on one page — is the difference between "we're figuring out AI governance" and "our program covers AI." It's also the backbone of our AI Security & Governance Assessment, which delivers the mapping with NIST CSF 2.0 cross-references your board and examiner can follow.