Unorma

NIST AI RMF

How to Choose NIST AI RMF Software: Key Capabilities

A capability-by-capability breakdown of what to look for when choosing NIST AI RMF software, with a comparison framework and the questions that separate serious platforms from rebrands.

Zofia Kubiak
Zofia Kubiak

July 5, 2026 · 17 min read

NIST AI RMF

Plenty of platforms now claim NIST AI RMF alignment — the framework's popularity as a reference structure has made it a common marketing checkbox. Very few map to its actual 19 categories and 72 subcategories with any real depth. This is a capability-by-capability breakdown for telling the difference before you sign a contract.

TL;DR

  • Verify subcategory-level tracking specifically — function-level scores ('Measure: 70%') hide exactly what's incomplete underneath.
  • Confirm you can define your own target profile and risk tolerance rather than being locked into a fixed, generic model.
  • If you use generative AI, confirm the Generative AI Profile's 12 risk categories are explicitly supported, not just the base four functions.
  • Check whether the platform connects Measure data back to Govern policy updates, or treats Govern as a one-time setup step.
  • Build makes sense only if you have very few AI systems and minimal external pressure (customers, procurement, insurers) to demonstrate RMF alignment formally.

The Problem: Plenty of Platforms Claim RMF Alignment

"NIST AI RMF aligned" appears on countless vendor pages, but alignment can mean anything from deep subcategory-level mapping to a single marketing slide referencing the four function names. For what RMF-mapped software should automate at a conceptual level, see NIST AI RMF Software. This post focuses specifically on how to tell real implementations apart during evaluation.

Core Capabilities to Verify

Subcategory-level trackingCustom target profilesGenAI Profile supportEvidence-linked Measure dataGovern-to-Manage feedback loop
Five capabilities worth checking off individually — a platform that's strong on branding can still be weak on several of these.

Testing Subcategory-Level Mapping in a Demo

Ask the vendor to show a specific subcategory under Measure — not the Measure function as a whole — and demonstrate exactly what evidence satisfies it for a real system. If they can only show function-level or category-level scoring, you're looking at a shallower implementation than the marketing suggests.

Evaluating Profile Support

Capability levelWhat it looks like
WeakFixed, generic risk scoring with no customizable target profile
AdequateYou can set a target profile per system, manually tracked against current state
StrongTarget profiles are configurable per use case, with the gap to current state automatically actionable

Evaluating Generative AI Profile Support

If generative AI is part of your AI portfolio, ask specifically whether the 12 risk categories from NIST AI 600-1 — including confabulation, data privacy, information security and human-AI configuration — are tracked as distinct categories, or absorbed vaguely into general risk fields.

Integration With Existing Security and ML Tooling

Measure-stage evidence often already exists in security scanning tools or ML evaluation pipelines. Ask how the platform ingests or links to that existing data, rather than requiring your team to manually re-enter results that are already generated elsewhere.

Vendor Red Flags

  • Only function-level scoring. No visibility into which of the 72 subcategories are actually addressed.
  • No customizable target profile. A one-size-fits-all risk tolerance model doesn't reflect how organizations actually differ.
  • GenAI Profile absent or vague. A significant gap for any organization using generative AI meaningfully.

Questions Worth Sending in Writing

  1. How many of the 72 RMF subcategories are natively trackable in the platform?
  2. Can we define a custom target profile and risk tolerance per AI system?
  3. How is the Generative AI Profile (NIST AI 600-1) supported, specifically?
  4. How does Measure-stage data connect back to Govern policy updates?
  5. What integrations exist with common security scanning and ML evaluation tools?

Build vs. Buy, Revisited for RMF Specifically

Multiple AI systems?No → lightweight docsYes → evaluate buyingRMF-mapped software
A simplified build-vs-buy decision path specifically for NIST AI RMF tooling.

A Simple Comparison Table Template

CapabilityVendor AVendor B
Subcategory-level trackingScore 1-5Score 1-5
Custom target profilesScore 1-5Score 1-5
GenAI Profile supportScore 1-5Score 1-5
Integration depthScore 1-5Score 1-5
Update cadenceScore 1-5Score 1-5

Primary Sources

Where Unorma Fits

Try the capability checklist on us

Unorma’s NIST AI RMF framework tracks category and subcategory-level progress per system, with gap analysis turning target-profile gaps into assigned work. Read how to implement the NIST AI RMF step by step for the underlying rollout process this software should support.

Frequently asked questions

What's the clearest way to test if RMF software has real depth?

Ask for a specific subcategory under Measure or Map, live in a demo, and see exactly what evidence satisfies it for a real system — function-level-only scoring signals a shallower implementation.

Do we need software if we only have 2-3 AI systems?

Not necessarily — a lightweight, documented process can work at that scale. The case for software strengthens once you have multiple systems, multiple people involved, or external pressure to formally demonstrate alignment.

How important is Generative AI Profile support?

Very important if generative AI is part of your portfolio — the 12 GenAI-specific risk categories from NIST AI 600-1 address risks (like hallucination and prompt injection) that the base RMF functions don't capture explicitly.

Should target profiles be customizable per system?

Yes — a fixed, generic risk tolerance model doesn't reflect that different AI systems carry genuinely different risk profiles and organizational priorities.

What integration capability matters most?

Connections to existing security scanning and ML evaluation tools, so Measure-stage evidence can be linked rather than manually re-entered from data that already exists elsewhere.

How do we compare multiple vendors objectively?

Use a simple weighted scoring table across the core capabilities — subcategory tracking, profile customization, GenAI Profile support, integration depth and update cadence — rather than relying on demo impressions alone.

Is a generic GRC platform with 'AI risk' features good enough?

Only if it maps specifically to the RMF's actual categories and subcategories. A generic risk score with RMF branding attached doesn't provide the structure the framework is actually built around.

About the author

Zofia Kubiak
Zofia Kubiak

Compliance Specialist

Compliance specialist focused on management-system standards and risk frameworks, helping teams turn certification requirements into working programs.

View full profile