Changeflow GovPing AI Regulation AI RMF Profile on Trustworthy AI in Critical In...
Routine Notice Added Draft

AI RMF Profile on Trustworthy AI in Critical Infrastructure - Concept Note

Favicon for www.nist.gov NIST AI Risk Management Framework
Detected April 7th, 2026
Email

Summary

NIST Information Technology Laboratory announced the development of an AI Risk Management Framework (AI RMF) Profile focused on Trustworthy AI in Critical Infrastructure. The concept note outlines plans to guide critical infrastructure operators toward specific risk management practices for AI-enabled capabilities across IT, OT, and Industrial Control Systems. NIST is establishing a Community of Interest to gather feedback from industry, regulators, policymakers, academia, and stakeholders to inform the profile's development.

View original document View source feed page

What changed

NIST ITL announced a new initiative to develop an AI RMF profile specifically for critical infrastructure sectors. The profile will help CI operators implement trustworthiness requirements for AI systems and communicate these requirements across AI and CI lifecycles and supply chains. The concept note represents the initial stage of this framework development effort.

Critical infrastructure operators across all 16 CI sectors should monitor this initiative as it will provide sector-specific guidance for managing AI risks. AI developers and vendors serving critical infrastructure markets may benefit from participating in the Community of Interest to influence the profile's requirements and gain early guidance on trustworthiness expectations.

What to do next

  1. Monitor NIST for profile development updates
  2. Join the Trustworthy AI in Critical Infrastructure Community of Interest mailing list

Source document (simplified)

PROJECTS/PROGRAMS

Concept Note: AI RMF Profile on Trustworthy AI in Critical Infrastructure

Share

Facebook Linkedin X.com Email

Description

Credit: N. Hanacek/NIST

To meet the demand for enhanced safety, security, reliability, capacity, and efficiency, the nation’s critical infrastructure (CI) will increasingly rely on technological advancements such as Artificial Intelligence (AI) across Information Technology (IT), Operational Technology (OT), and Industrial Control Systems (ICS). Adopting AI in these high-stakes environments relies on AI systems being worthy of trust. The NIST AI Risk Management Framework (AI RMF) was developed to define and promote trustworthiness in AI systems through a repeatable, full lifecycle approach that organizations can use to unlock the benefits of AI while appropriately managing risks.

As part of its Strategy for American Technology Leadership in the 21st Century, the NIST Information Technology Laboratory (ITL) is supporting critical infrastructure sectors by launching the development of the AI RMF Trustworthy AI in Critical Infrastructure Profile. This profile will guide CI operators towards specific risk management practices to consider when engaging AI-enabled capabilities. It will then help them communicate their trustworthiness requirements in an actionable way to teams, developers, and other stakeholders across the AI and CI lifecycles and supply chains.

Download the Concept Note

NIST AI RMF Profile on Trustworthy AI in Critical Infrastructure Community of Interest

NIST looks forward to engaging with industry, user groups, regulators, policymakers, academia, other stakeholders, and the broader community. Working collaboratively, NIST will develop a profile that provides critical infrastructure sectors with increased confidence to deploy AI agents and tools as part of their overall strategy. The profile should also offer developers and vendors with guidance and greater certainty to catalyze and highlight the development of innovative solutions based on managing risks and worthy of our trust.

NIST is creating a Trustworthy AI in Critical Infrastructure Profile Community of Interest to provide feedback to NIST. NIST welcomes participation from across the entire critical infrastructure ecosystem—including all sectors, organizational roles, and supply chain partners.

Sign up for our mailing list, and forthcoming Community Slack channel, where NIST will hold informal discussions and solicit real time feedback. All significant announcements will be made available via the mailing list.

Sign Up

Artificial intelligence and Trustworthy and responsible AI

NIST Staff

Martin Stanley Raymond Sheh

Dates

Started:

April 2026

Project Status

Ongoing

Created April 6, 2026, Updated April 7, 2026

Related changes

Favicon for www.nist.gov NIST AI Risk Management Framework Engagement and Updates
Routine Mar 27, 2026 NIST AI Risk Management Framework AI Regulation
Favicon for www.nist.gov NIST AI Risk Management Framework Draft 2 and Playbook Consultation
Priority review Mar 25, 2026 NIST AI Risk Management Framework AI Regulation
Favicon for www.nist.gov NIST AI Risk Management Framework Playbook
Routine Mar 25, 2026 NIST AI Risk Management Framework AI Regulation
Favicon for changeflow.com AI Age Verification Required for Chatbots
Priority review Apr 07, 2026 Oklahoma Legislative Events Government General
Favicon for www.jdsupra.com State AI Legislation Update: Chatbot and Healthcare AI Laws Enacted
Priority review Apr 07, 2026 JD Supra Healthcare Healthcare
Favicon for www.brookings.edu What got lost in the global AI summit circuit
Routine Apr 06, 2026 Brookings Regulatory Policy Government & Legislation

Get daily alerts for NIST AI Risk Management Framework

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Favicon for www.nist.gov
NIST AI Risk Management Framework nist.gov/itl/ai-risk-management-framework
AI Regulation
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
NIST
Instrument
Notice
Legal weight
Non-binding
Stage
Draft
Change scope
Minor

Who this affects

Applies to
Technology companies Government agencies Healthcare providers
Industry sector
5112 Software & Technology
Activity scope
AI system development Critical infrastructure operations Risk management practices
Geographic scope
United States US

Taxonomy

Primary area
Artificial Intelligence
Operational domain
Risk Management
Compliance frameworks
NIST CSF
Topics
Cybersecurity Data Privacy Critical Infrastructure

Browse Categories

Agriculture & Food Safety 63 AI Regulation 3 Banking & Finance 292 Consumer Protection 44 Courts & Legal 361 Data Privacy & Cybersecurity 74 Defense & National Security 52 Education 20 Energy 101 Environment 85 Environmental Permits 1 Environmental Regulation 13 Government & Legislation 278 Healthcare 136 Housing 16 Immigration 9 Insurance 58 Labor & Employment 113 Legislative 1 Pharma & Drug Safety 104 Public Health 3 Securities & Markets 104 Securities Regulation 14 Tax 66 Telecom & Technology 47 Trade & Sanctions 124 Transportation 57

Get alerts for this source

We'll email you when NIST AI Risk Management Framework publishes new changes.

Optional. Personalizes your daily digest.

Free. Unsubscribe anytime.