{ "schema_id": "anatop.nist_ai_rmf_playbook_outcomes", "schema_version": "1.0.0", "generated_at_utc": "2026-05-07T17:43:33Z", "outcomes_total": 72, "function_counts": { "Govern": 19, "Map": 18, "Measure": 22, "Manage": 13 }, "outcomes": [ { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-1-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 1.1", "skos:prefLabel": "GOVERN 1.1", "skos:definition": "Legal and regulatory requirements involving AI are understood, managed, and documented.", "sov:function": "Govern", "sov:category": "GOVERN-1", "sov:topics": [ "Legal and Regulatory", "Governance", "AI Actor Training" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "131a995ea8c6c5c91099498b8256b72ed41d8e37bfa6a482c9e146cd95b8d2b0", "bytes_utf8": 1388 }, "section_actions": { "sha256": "4b086193af4415601b314201f2804bf624408e045ca473fb72e9820c8ad573f9", "bytes_utf8": 467 }, "section_doc": { "sha256": "de0e3e81c3f1db95cdcb34f04323f0132322012c67d45a445c36f2527786b481", "bytes_utf8": 717 }, "section_ref": { "sha256": "7e15e55691acd9b131b41b43a57f95b8995157886f66142c8714d127253c83af", "bytes_utf8": 928 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 1.1", "json_category": "GOVERN-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-1-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 1.2", "skos:prefLabel": "GOVERN 1.2", "skos:definition": "The characteristics of trustworthy AI are integrated into organizational policies, processes, and procedures.", "sov:function": "Govern", "sov:category": "GOVERN-1", "sov:topics": [ "Trustworthy Characteristics", "Governance", "Validity and Reliability", "Safety", "Secure and Resilient", "Accountability and Transparency", "Explainability and Interpretability", "Privacy", "Fairness and Bias" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "6fea97d1eb6787a104c78cda20304e706c0c8e456d5a933a3fd55ae32c5e9c14", "bytes_utf8": 971 }, "section_actions": { "sha256": "9f192023a00df3574abbdf37eb17f0caaf7c9a8167fdb8c0562551f167577054", "bytes_utf8": 1291 }, "section_doc": { "sha256": "4358799da11e5bf32621d41acaef14051e1ef8f8944c543f489742d044e91ef0", "bytes_utf8": 672 }, "section_ref": { "sha256": "de2b9ab2f99200f0d01a0ed4d158ddf67787a8ce6957c91bf6a44583aa880efa", "bytes_utf8": 2693 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 1.2", "json_category": "GOVERN-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-1-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 1.3", "skos:prefLabel": "GOVERN 1.3", "skos:definition": "Processes and procedures are in place to determine the needed level of risk management activities based on the organization's risk tolerance.", "sov:function": "Govern", "sov:category": "GOVERN-1", "sov:topics": [ "Risk Tolerance", "Governance" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "58426a5716034913fffa91c492278815fa3bf757ee003c3c148c2958ec064054", "bytes_utf8": 1266 }, "section_actions": { "sha256": "a1d3abb5f32b658a73035886b494cdc573dcdec79a20b1135b303c992d085c15", "bytes_utf8": 1096 }, "section_doc": { "sha256": "3f5fcaef49076cff0d40228d340b06302802126551ec806c7fdd57c6952d4c1e", "bytes_utf8": 498 }, "section_ref": { "sha256": "8e141683e51e6ef212b2e4aa39fd958c6c80725ebdd42ed5527d32229d0d24d7", "bytes_utf8": 855 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 1.3", "json_category": "GOVERN-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-1-4", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 1.4", "skos:prefLabel": "GOVERN 1.4", "skos:definition": "The risk management process and its outcomes are established through transparent policies, procedures, and other controls based on organizational risk priorities.", "sov:function": "Govern", "sov:category": "GOVERN-1", "sov:topics": [ "Risk Management", "Governance", "Documentation" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "8ba88c2c51bdb1f2347868cfff72ef4d3f07db5f3fd1427a3d9dac4bee7b9217", "bytes_utf8": 993 }, "section_actions": { "sha256": "28e3eff8c978042f838dabc3ddeb76d322d063f5c80b2e1c70462f276dd4ab44", "bytes_utf8": 1477 }, "section_doc": { "sha256": "08c904113e3947dc352292e6b9057398040d9824bb210da94e07e92da7b3fe2f", "bytes_utf8": 884 }, "section_ref": { "sha256": "19dd4d434afa14ce88f5c5cddc0d9384fe44e9e5ddb7bb81f0ca8f9d241769ce", "bytes_utf8": 2265 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 1.4", "json_category": "GOVERN-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-1-5", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 1.5", "skos:prefLabel": "GOVERN 1.5", "skos:definition": "Ongoing monitoring and periodic review of the risk management process and its outcomes are planned, organizational roles and responsibilities are clearly defined, including determining the frequency of periodic review.", "sov:function": "Govern", "sov:category": "GOVERN-1", "sov:topics": [ "Monitoring", "Governance", "Continual Improvement" ], "sov:aiActors": [ "Governance and Oversight", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "12d8954f1635074a2e2d04e79a08a72593c8d64631de5824cd5e344e7107d325", "bytes_utf8": 774 }, "section_actions": { "sha256": "b71f7cd71b4095276205902641c3e92c52303b7e6f93f3a84dc6811cd2d2c0c0", "bytes_utf8": 891 }, "section_doc": { "sha256": "fd6a74865f5956f0980a971e20cad23e24f1321203baa0bac5664766fd534cdb", "bytes_utf8": 784 }, "section_ref": { "sha256": "af20a89ee9dc5a58688c180b62304d50f6233cde966e7a65bf0dfd98d1e0837e", "bytes_utf8": 413 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 1.5", "json_category": "GOVERN-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-1-6", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 1.6", "skos:prefLabel": "GOVERN 1.6", "skos:definition": "Mechanisms are in place to inventory AI systems and are resourced according to organizational risk priorities.", "sov:function": "Govern", "sov:category": "GOVERN-1", "sov:topics": [ "Risk Management", "Governance", "Data", "Documentation" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "bfe282e832f93268dce0c0ab055ed457db93fecb73a40703b43ac7a102ba8924", "bytes_utf8": 1095 }, "section_actions": { "sha256": "a4b6d89cc5a1eadf881616d1da7edca1c6ba867f3566e489c0df7061ea766050", "bytes_utf8": 618 }, "section_doc": { "sha256": "877772167491d114575d8d8440b1c258f20dd91f1f2d78816da71f62eaaea3f3", "bytes_utf8": 796 }, "section_ref": { "sha256": "cb33d876800aedc7fc8f310457867495b557b01c9024d9981cfb94e7ba288ca0", "bytes_utf8": 678 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 1.6", "json_category": "GOVERN-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-1-7", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 1.7", "skos:prefLabel": "GOVERN 1.7", "skos:definition": "Processes and procedures are in place for decommissioning and phasing out of AI systems safely and in a manner that does not increase risks or decrease the organization’s trustworthiness.", "sov:function": "Govern", "sov:category": "GOVERN-1", "sov:topics": [ "Decommission", "Governance" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "4a1f1e0931c6c47d061b060d506c1d91a2ebd6a6b83bad4ed0a4c39af454e054", "bytes_utf8": 678 }, "section_actions": { "sha256": "e4e4bf7175d912cd62debde317d97941f2d31f244f82ad73b58fcd49d35ab984", "bytes_utf8": 1024 }, "section_doc": { "sha256": "8579018da3d78e2d747d67b010447dcd45b30fee4efda4237869b6d8e73f50d5", "bytes_utf8": 1090 }, "section_ref": { "sha256": "e13dfa69a12bb212050469ff342abb643cc63357f478150f300b8de02900503c", "bytes_utf8": 894 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 1.7", "json_category": "GOVERN-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-2-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 2.1", "skos:prefLabel": "GOVERN 2.1", "skos:definition": "Roles and responsibilities and lines of communication related to mapping, measuring, and managing AI risks are documented and are clear to individuals and teams throughout the organization.", "sov:function": "Govern", "sov:category": "GOVERN-2", "sov:topics": [ "Governance", "Risk Culture" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "fdb85dcb736e257b37b89bf87bbd972260b95a3a7addca0d9cea3236690a1a69", "bytes_utf8": 746 }, "section_actions": { "sha256": "ba8ecc0cabc5049dffe8c7e0d04d2efbc77b4cd789a98376de16788ff3616f31", "bytes_utf8": 1225 }, "section_doc": { "sha256": "1db7309de1b48b0c790876aea030ff7285a5a2a38819bb3c11cbbc78a2523e1c", "bytes_utf8": 1228 }, "section_ref": { "sha256": "717178c63b6ca28d48089631370dc76ee4acf9f3c912dff6a88a23b276f84b18", "bytes_utf8": 929 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 2.1", "json_category": "GOVERN-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-2-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 2.2", "skos:prefLabel": "GOVERN 2.2", "skos:definition": "The organization’s personnel and partners receive AI risk management training to enable them to perform their duties and responsibilities consistent with related policies, procedures, and agreements.", "sov:function": "Govern", "sov:category": "GOVERN-2", "sov:topics": [ "Governance", "AI Actor Training" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "2286f848d3dcdaf47c291bd22e2b898a75d09258ca4eac74ab37a6a39b54e075", "bytes_utf8": 472 }, "section_actions": { "sha256": "71204d5016e0f3ac780fa31b2ae1eee77f3b29b590552f039a3985c65d02e37e", "bytes_utf8": 983 }, "section_doc": { "sha256": "8fc9f1fc5725cb5922be2b0ae0a149d758a296137a64faea9d47e00bcad70bd0", "bytes_utf8": 1176 }, "section_ref": { "sha256": "38d56a2ceece91de2efbfb24301e365506b43239350641cc770ee297a2c59685", "bytes_utf8": 506 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 2.2", "json_category": "GOVERN-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-2-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 2.3", "skos:prefLabel": "GOVERN 2.3", "skos:definition": "Executive leadership of the organization takes responsibility for decisions about risks associated with AI system development and deployment.", "sov:function": "Govern", "sov:category": "GOVERN-2", "sov:topics": [ "Governance", "Risk Tolerance" ], "sov:aiActors": [ "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "e3a1242f149a2f207050f1af16d158fe3bd1dd8de4ac8df7276c305794240734", "bytes_utf8": 545 }, "section_actions": { "sha256": "02419e8d1c428efe068e9d886c3a6135f7d095fb3a38cf834dbadc30580f5250", "bytes_utf8": 686 }, "section_doc": { "sha256": "46385a3efb92fb30a383033d271cc473d7114a1fdd5aea843883271df4b94777", "bytes_utf8": 931 }, "section_ref": { "sha256": "286988f0baea801189994a6ea1e339b36491d2deef1cd8e55c75018863e319b7", "bytes_utf8": 237 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 2.3", "json_category": "GOVERN-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-3-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 3.1", "skos:prefLabel": "GOVERN 3.1", "skos:definition": "Decision-makings related to mapping, measuring, and managing AI risks throughout the lifecycle is informed by a diverse team (e.g., diversity of demographics, disciplines, experience, expertise, and backgrounds).", "sov:function": "Govern", "sov:category": "GOVERN-3", "sov:topics": [ "Diversity", "Interdisciplinarity", "Governance" ], "sov:aiActors": [ "Governance and Oversight", "AI Design" ], "sov:sourceTextHashes": { "section_about": { "sha256": "21f33182a19ef2d079cbb95dff2551eab049c351ecdab7a366055e0c12ed60b6", "bytes_utf8": 822 }, "section_actions": { "sha256": "03f4efa2527a5eed27a6e63d0f5802fb61750ca544950495624ff25b5fa345f3", "bytes_utf8": 922 }, "section_doc": { "sha256": "abd07ec68950e979492d50ec40a844628b58ca1e5adb50d05c6bf85ee5ea78d3", "bytes_utf8": 1218 }, "section_ref": { "sha256": "79b89eb4e665f0a44a64ed81e3e2d40e6704b6a58a4cd43661b2ae558340d9a0", "bytes_utf8": 1764 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 3.1", "json_category": "GOVERN-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-3-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 3.2", "skos:prefLabel": "GOVERN 3.2", "skos:definition": "Policies and procedures are in place to define and differentiate roles and responsibilities for human-AI configurations and oversight of AI systems.", "sov:function": "Govern", "sov:category": "GOVERN-3", "sov:topics": [ "Human-AI teaming", "Human oversight", "Governance", "AI Actor Training" ], "sov:aiActors": [ "AI Design" ], "sov:sourceTextHashes": { "section_about": { "sha256": "e1fc03b72ea125a9e4154765f67653de9c95e7c17dc868837047ee1accd568df", "bytes_utf8": 637 }, "section_actions": { "sha256": "afd5a80212472252f17e7e6c3cc44b2264cba5cfeb794a711e9b0ad516efda15", "bytes_utf8": 1239 }, "section_doc": { "sha256": "2fc519077e27e4fb6b1c60c41eac08fa646dc49c6d48dd3a6d5412caa1f6fb1c", "bytes_utf8": 1403 }, "section_ref": { "sha256": "14687e0db3b706b0809aeeb0cc69430dc9c85cebf3cbd91c05b5a5bfa8b2056e", "bytes_utf8": 1107 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 3.2", "json_category": "GOVERN-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-4-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 4.1", "skos:prefLabel": "GOVERN 4.1", "skos:definition": "Organizational policies, and practices are in place to foster a critical thinking and safety-first mindset in the design, development, deployment, and uses of AI systems to minimize negative impacts.", "sov:function": "Govern", "sov:category": "GOVERN-4", "sov:topics": [ "Risk Culture", "Governance", "Adversarial" ], "sov:aiActors": [ "AI Design", "AI Development", "AI Deployment", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "3b53c8580a46e47ea9806d98e13d3ee0311b7f8eae21b14a6239cfda6111b93e", "bytes_utf8": 1042 }, "section_actions": { "sha256": "0ee1e774ffc5022b0975b729aa1c4a280da096e577bb5ea0e0cf2b2e0711cd69", "bytes_utf8": 748 }, "section_doc": { "sha256": "890afffa1b71e31d066ebdb6dcafc362b693a639e42e02366667765ecd8f3a85", "bytes_utf8": 1061 }, "section_ref": { "sha256": "42aeba33473aba3b32cc83196d4333f388e72ddc4db40c93b451f2616a9cd038", "bytes_utf8": 1233 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 4.1", "json_category": "GOVERN-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-4-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 4.2", "skos:prefLabel": "GOVERN 4.2", "skos:definition": "Organizational teams document the risks and potential impacts of the AI technology they design, develop, deploy, evaluate and use, and communicate about the impacts more broadly.", "sov:function": "Govern", "sov:category": "GOVERN-4", "sov:topics": [ "Risk Culture", "Governance", "Impact Assessment" ], "sov:aiActors": [ "AI Design", "AI Development", "AI Deployment", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "6e09230583e5b039ee2a7b77099b1d861af1093e54a1f8dbc81c45134efa4164", "bytes_utf8": 1056 }, "section_actions": { "sha256": "0d3b5885980e3ba641e66e05e41b6b2ffb04b725b2488bcf3dd0b800db90da89", "bytes_utf8": 472 }, "section_doc": { "sha256": "8578038823719e2dafd01106e13afeaa96ff7fce22636ee6d5183a3c074b50bf", "bytes_utf8": 926 }, "section_ref": { "sha256": "f4de3f1b7508dcf2265952a44c73f75d02160798a382a01a3f7974147c94631a", "bytes_utf8": 3521 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 4.2", "json_category": "GOVERN-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-4-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 4.3", "skos:prefLabel": "GOVERN 4.3", "skos:definition": "Organizational practices are in place to enable AI testing, identification of incidents, and information sharing.", "sov:function": "Govern", "sov:category": "GOVERN-4", "sov:topics": [ "Risk Culture", "Governance", "AI Incidents", "Impact Assessment", "Drift", "Fairness and Bias" ], "sov:aiActors": [ "TEVV", "Operation and Monitoring", "Governance and Oversight", "Fairness and Bias" ], "sov:sourceTextHashes": { "section_about": { "sha256": "d5266a75ec7d92f48f7943275687f13ce22629e42e0eb142b484d1b3190ef136", "bytes_utf8": 1518 }, "section_actions": { "sha256": "811bff67c8f13626efdeb196e5fe8f86e9dddf9c6a2a5f2568fbe0a3a27cd5ec", "bytes_utf8": 491 }, "section_doc": { "sha256": "33f7569ee286f5d02d23b3817086e719d48309670940df1d4c6b8d3d3d5978e7", "bytes_utf8": 980 }, "section_ref": { "sha256": "6cbacf27e6e4d0b0005e1821c7751a7ae97c625accf8b5546312c2036240087f", "bytes_utf8": 990 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 4.3", "json_category": "GOVERN-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-5-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 5.1", "skos:prefLabel": "GOVERN 5.1", "skos:definition": "Organizational policies and practices are in place to collect, consider, prioritize, and integrate feedback from those external to the team that developed or deployed the AI system regarding the potential individual and societal impacts related to AI risks.", "sov:function": "Govern", "sov:category": "GOVERN-5", "sov:topics": [ "Participation", "Governance", "Impact Assessment" ], "sov:aiActors": [ "AI Design", "Governance and Oversight", "AI Impact Assessment", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "efab3055a7eca4671e290eb5a0b62345470a7299c88c123f8dd699640b12ae73", "bytes_utf8": 1845 }, "section_actions": { "sha256": "550b7d30e07610622bdf7929da2cee20f0e02ab23dfd736603ae15711b928778", "bytes_utf8": 989 }, "section_doc": { "sha256": "b499ffa0a18d15c933b933bd19f988ff0e6dc5eb19c36eee6c401e77e78133ec", "bytes_utf8": 1166 }, "section_ref": { "sha256": "08760b0228d2d3e28ac050be67d2c2f298e0fab8439450e2256c2ee627d65d5a", "bytes_utf8": 1271 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 5.1", "json_category": "GOVERN-5" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-5-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 5.2", "skos:prefLabel": "GOVERN 5.2", "skos:definition": "Mechanisms are established to enable AI actors to regularly incorporate adjudicated feedback from relevant AI actors into system design and implementation.", "sov:function": "Govern", "sov:category": "GOVERN-5", "sov:topics": [ "Participation", "Governance", "Impact Assessment" ], "sov:aiActors": [ "AI Impact Assessment", "Governance and Oversight", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "4809b7eccc0f663543b36026524bf9637921fd50847481096427916e2de59882", "bytes_utf8": 736 }, "section_actions": { "sha256": "d2ef22db35e6878ab0315eb8e351516cb0c60b0b8b2426133f4d968717325be1", "bytes_utf8": 1299 }, "section_doc": { "sha256": "befa838ee53aa626768b0a81f192be28643f81e10cc9a280e5ad8c0037c518b2", "bytes_utf8": 1269 }, "section_ref": { "sha256": "8388f3ae46e35ad50d8daf322309f0dc3de144159121a5d23709672b00cd5073", "bytes_utf8": 603 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 5.2", "json_category": "GOVERN-5" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-6-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 6.1", "skos:prefLabel": "GOVERN 6.1", "skos:definition": "Policies and procedures are in place that address AI risks associated with third-party entities, including risks of infringement of a third party’s intellectual property or other rights.", "sov:function": "Govern", "sov:category": "GOVERN-6", "sov:topics": [ "Third-party", "Legal and Regulatory", "Procurement", "Supply Chain", "Governance" ], "sov:aiActors": [ "Third-party entities", "Operation and Monitoring", "Procurement" ], "sov:sourceTextHashes": { "section_about": { "sha256": "e49f4597982c4ccb64bc5cbdbbdc66de4b971b3cd37ff158dd6ee4b7de13ae1f", "bytes_utf8": 895 }, "section_actions": { "sha256": "8f83e6330fe0a12b10effe97fa9b82e9d84316ee3c12f4daf8d62e43ccd69737", "bytes_utf8": 717 }, "section_doc": { "sha256": "3c3d2633b3786fd23e0c0b9b20fa1b1d047a401e6768f102900d88275c49c965", "bytes_utf8": 1974 }, "section_ref": { "sha256": "c1633fcfb2655555216547097a2881cec20fb27414500794331b0dd4513af598", "bytes_utf8": 517 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 6.1", "json_category": "GOVERN-6" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#govern-6-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "GOVERN 6.2", "skos:prefLabel": "GOVERN 6.2", "skos:definition": "Contingency processes are in place to handle failures or incidents in third-party data or AI systems deemed to be high-risk.", "sov:function": "Govern", "sov:category": "GOVERN-6", "sov:topics": [ "Third-party", "Governance", "Risk Management", "Supply Chain" ], "sov:aiActors": [ "AI Deployment", "TEVV", "Operation and Monitoring", "Third-party entities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "b52e2adc1ccc667d4f81c667aa0a06829c89301b0ffca83afe3c3ef96b950fcc", "bytes_utf8": 177 }, "section_actions": { "sha256": "31a296c7b42aeb953b9a92ee151fe787a7eed71b46bd38d7dc8b1ee778c72443", "bytes_utf8": 215 }, "section_doc": { "sha256": "89d78c47ffd60e92cb4b5d5bc689fe71215e6f54a1bcc79b89f933beb17ce9d1", "bytes_utf8": 1286 }, "section_ref": { "sha256": "c1633fcfb2655555216547097a2881cec20fb27414500794331b0dd4513af598", "bytes_utf8": 517 } }, "sov:evidenceMapping": [ "policy_pack", "authority_boundary", "ssej_record", "scope_declaration", "residual_risk_decision", "residual_register" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "GOVERN 6.2", "json_category": "GOVERN-6" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-1-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 1.1", "skos:prefLabel": "MAP 1.1", "skos:definition": "Intended purpose, potentially beneficial uses, context-specific laws, norms and expectations, and prospective settings in which the AI system will be deployed are understood and documented. Considerations include: specific set or types of users along with their expectations; potential positive and negative impacts of system uses to individuals, communities, organizations, society, and the planet; assumptions and related limitations about AI system purposes; uses and risks across the development or product AI lifecycle; TEVV and system metrics.", "sov:function": "Map", "sov:category": "MAP-1", "sov:topics": [ "Socio-technical systems", "Societal Values", "Context of Use", "Impact Assessment", "TEVV", "Trustworthy Characteristics", "Validity and Reliability", "Safety", "Secure and Resilient", "Accountability and Transparency", "Explainability and Interpretability", "Privacy", "Fairness and Bias" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "4fe237b2e065a3d71a73e90bcc4fb81e4c923da1ed8a848e6abcb4c620390858", "bytes_utf8": 1942 }, "section_actions": { "sha256": "96e8f8dd35d912c444f6231a1b275a5530381c49570755333de33d9a96a49a49", "bytes_utf8": 2063 }, "section_doc": { "sha256": "15b5cba19ac72cd7d9ffa88085321ae53525216d2fa3b4fc51f701433d23a6c2", "bytes_utf8": 848 }, "section_ref": { "sha256": "4d51aa01bfa4af4d83f730ed6ebd1d78cd1da394aa3d4f2c3683779a67d5f642", "bytes_utf8": 6057 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 1.1", "json_category": "MAP-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-1-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 1.2", "skos:prefLabel": "MAP 1.2", "skos:definition": "Inter-disciplinary AI actors, competencies, skills and capacities for establishing context reflect demographic diversity and broad domain and user experience expertise, and their participation is documented. Opportunities for interdisciplinary collaboration are prioritized.", "sov:function": "Map", "sov:category": "MAP-1", "sov:topics": [ "Diversity", "Interdisciplinarity", "Socio-technical systems" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "20a81d7d7d58c270c7e12a7cbd89b374b8920a9c95c1106b2091891e3eba267c", "bytes_utf8": 722 }, "section_actions": { "sha256": "ca3f0b562e84184a45b99e74ea067bb757af9df6b632b650e0c622d201bf9264", "bytes_utf8": 555 }, "section_doc": { "sha256": "001e6a9a89890cac38214221c531b9175404ac3f8bfa17008e30f89401f2b375", "bytes_utf8": 1910 }, "section_ref": { "sha256": "af5a9bc6fa8fa44d8cdcc97f91a2201784de4a4214eadc7626146263155ad92d", "bytes_utf8": 1105 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 1.2", "json_category": "MAP-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-1-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 1.3", "skos:prefLabel": "MAP 1.3", "skos:definition": "The organization’s mission and relevant goals for the AI technology are understood and documented.", "sov:function": "Map", "sov:category": "MAP-1", "sov:topics": [ "Socio-technical systems", "Societal Values" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "67985b9222ae6b09800ed2b164f6676a682db4150a69d66442023dbfdbae4dc4", "bytes_utf8": 810 }, "section_actions": { "sha256": "0c316c3690069fe69d8a2835b87c70d91696c568e9d90586ed69c8ac53b190f2", "bytes_utf8": 484 }, "section_doc": { "sha256": "faa04869b260aa0f98293d842a1f625aa6058d9ceea840b350915f9044cbae4d", "bytes_utf8": 882 }, "section_ref": { "sha256": "946fdd0642db7a4b626fa79b94dbacd499bc40f1ca752ac496f16273d754f0d6", "bytes_utf8": 1098 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 1.3", "json_category": "MAP-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-1-4", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 1.4", "skos:prefLabel": "MAP 1.4", "skos:definition": "The business value or context of business use has been clearly defined or – in the case of assessing existing AI systems – re-evaluated.", "sov:function": "Map", "sov:category": "MAP-1", "sov:topics": [ "Context of Use" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "11c57ecf987e3bf5dd1f16e03c7483006752bf37e870c52d598591a463e1b347", "bytes_utf8": 714 }, "section_actions": { "sha256": "6a5e593bce3214ad34e0443d1744fefba180797ef4e47764692db1f2823d1324", "bytes_utf8": 415 }, "section_doc": { "sha256": "06318936d7659e46f707568b7d181ae6f3091d73ca84f0795eaa7d9b6d857d99", "bytes_utf8": 942 }, "section_ref": { "sha256": "24a5892dd7b98b97884c8513793bf9389b1a54751acd9a61f0d04ede4aa44275", "bytes_utf8": 727 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 1.4", "json_category": "MAP-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-1-5", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 1.5", "skos:prefLabel": "MAP 1.5", "skos:definition": "Organizational risk tolerances are determined and documented.", "sov:function": "Map", "sov:category": "MAP-1", "sov:topics": [ "Risk Tolerance" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "cd2de5d9d40386849806b12b288bd83d66cd3e3315c6ef704bbef9f57883dd67", "bytes_utf8": 1327 }, "section_actions": { "sha256": "ba08cd9a82baa435af9eff51ae9df2d287d161a5baac46c138293e50b46ed321", "bytes_utf8": 1186 }, "section_doc": { "sha256": "6d6f362d715cacd8ad44d1ae0ad2201083c1bdf8c5010b32b47018bfa7fa5494", "bytes_utf8": 904 }, "section_ref": { "sha256": "6d8ae7d82addffe933c3f9358ac68c7a76596264e8c91fb502e613fb08530666", "bytes_utf8": 1112 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 1.5", "json_category": "MAP-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-1-6", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 1.6", "skos:prefLabel": "MAP 1.6", "skos:definition": "System requirements (e.g., “the system shall respect the privacy of its users”) are elicited from and understood by relevant AI actors. Design decisions take socio-technical implications into account to address AI risks.", "sov:function": "Map", "sov:category": "MAP-1", "sov:topics": [ "Socio-technical systems", "Impact Assessment", "Documentation" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "0ff5884fb5ecc428916a7d0c2b968a5518b68971782db1e1be78caa73b8424b8", "bytes_utf8": 538 }, "section_actions": { "sha256": "1280a41fc2a91273b1fb35c470692f6c0b34b2976bb0e6e3dcd6496cfe3ec292", "bytes_utf8": 1777 }, "section_doc": { "sha256": "14eb2163c890985aa002ad573169a0e6dd1a2b08026ca8fb7bb7163d96a6d630", "bytes_utf8": 1797 }, "section_ref": { "sha256": "05efec7ff78d260c618eb7f81552afe81614984cb1994a3e158bab8489c50390", "bytes_utf8": 2241 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 1.6", "json_category": "MAP-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-2-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 2.1", "skos:prefLabel": "MAP 2.1", "skos:definition": "The specific task, and methods used to implement the task, that the AI system will support is defined (e.g., classifiers, generative models, recommenders).", "sov:function": "Map", "sov:category": "MAP-2", "sov:topics": [ "Socio-technical systems" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "056d87022b9f3dbc535de03a00ca50fc49f44cc03253eda37f739f0e4ab3578f", "bytes_utf8": 287 }, "section_actions": { "sha256": "909ad9bd91130187cd3def84f47ce5a1ab3a1b41763aec77746a0b56caff50be", "bytes_utf8": 121 }, "section_doc": { "sha256": "9f1d637e2917904848f654c52c8dd7ae5216e187109cd1d0204de6fd23c95078", "bytes_utf8": 1395 }, "section_ref": { "sha256": "45829fc8a99cf77b0eda15ae7fba3447d74b1369a669279b6885793d7467cebd", "bytes_utf8": 369 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 2.1", "json_category": "MAP-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-2-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 2.2", "skos:prefLabel": "MAP 2.2", "skos:definition": "Information about the AI system’s knowledge limits and how system output may be utilized and overseen by humans is documented. Documentation provides sufficient information to assist relevant AI actors when making informed decisions and taking subsequent actions.", "sov:function": "Map", "sov:category": "MAP-2", "sov:topics": [ "Limitations", "Human oversight", "Impact Assessment", "Documentation" ], "sov:aiActors": [], "sov:sourceTextHashes": { "section_about": { "sha256": "7ebbf8f4c15504335772f6e235f33df88130586602880647de55ac66f9904af8", "bytes_utf8": 1641 }, "section_actions": { "sha256": "ad2d284df4cf900a9dc123d775ec27ca0585781a4bf3f5421298134138610da4", "bytes_utf8": 1126 }, "section_doc": { "sha256": "b9774e887e6c71abef6bd465dab7e813f5636c97b65dc7313635b25d739c8e8f", "bytes_utf8": 1328 }, "section_ref": { "sha256": "20a9f31c37577e05e9dae814ff2d1b74a4b8d6b9445c375f462410a73c5ac135", "bytes_utf8": 4243 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 2.2", "json_category": "MAP-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-2-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 2.3", "skos:prefLabel": "MAP 2.3", "skos:definition": "Scientific integrity and TEVV considerations are identified and documented, including those related to experimental design, data collection and selection (e.g., availability, representativeness, suitability), system trustworthiness, and construct validation.", "sov:function": "Map", "sov:category": "MAP-2", "sov:topics": [ "TEVV", "Data", "Impact Assessment", "Limitations" ], "sov:aiActors": [ "AI Development", "TEVV", "Domain Experts" ], "sov:sourceTextHashes": { "section_about": { "sha256": "ea3a80252afc09d8eecc8e952c9203ebf248d11991be16b4657e0fd191419686", "bytes_utf8": 1540 }, "section_actions": { "sha256": "39692f2718044fc5b4d83f77438efbb571755139ff6e941e7b505cf14eccbb91", "bytes_utf8": 3665 }, "section_doc": { "sha256": "d7a658cffb0c2abf26435a9e1fb8a3713c806a5aab9d3ac1a5f5085a0dbc5b92", "bytes_utf8": 1865 }, "section_ref": { "sha256": "738d59914b7b5edf672f2463255d8aa18deaf0447306cb76fed5280e46f532d4", "bytes_utf8": 3484 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 2.3", "json_category": "MAP-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-3-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 3.1", "skos:prefLabel": "MAP 3.1", "skos:definition": "Potential benefits of intended AI system functionality and performance are examined and documented.", "sov:function": "Map", "sov:category": "MAP-3", "sov:topics": [ "Socio-technical systems", "Documentation" ], "sov:aiActors": [ "AI Development", "AI Deployment", "AI Impact Assessment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "38e6b3520654edec643483fec8bc4cf882e2241a65b840b3d13887e6264bc2d4", "bytes_utf8": 990 }, "section_actions": { "sha256": "ccdd8a6cb508ae0739e858b236302111bf6458358935a669ca0e30a23f13e18a", "bytes_utf8": 963 }, "section_doc": { "sha256": "ebd93b4b2ff6078f6a6e7d90203b8404cc2d1d89dce229a4f283924e10d8f39b", "bytes_utf8": 1028 }, "section_ref": { "sha256": "0d5b471572051efbfe25ec9052efba19992d5b507902c713fff08bc138a5ff14", "bytes_utf8": 1341 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 3.1", "json_category": "MAP-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-3-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 3.2", "skos:prefLabel": "MAP 3.2", "skos:definition": "Potential costs, including non-monetary costs, which result from expected or realized AI errors or system functionality and trustworthiness - as connected to organizational risk tolerance - are examined and documented.", "sov:function": "Map", "sov:category": "MAP-3", "sov:topics": [ "Impact Assessment", "Trustworthy Characteristics", "Validity and Reliability", "Safety", "Secure and Resilient", "Accountability and Transparency", "Explainability and Interpretability", "Privacy", "Fairness and Bias" ], "sov:aiActors": [ "AI Design", "AI Development", "Operation and Monitoring", "AI Design", "AI Impact Assessment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "e0fe196438eb5a5314cb1faf79d562667f634235035081b18df8f929f905f253", "bytes_utf8": 460 }, "section_actions": { "sha256": "96409d498677f9753313217afab432bc1eb98691ef364f6d6ad0f7c0c8c1dfcb", "bytes_utf8": 778 }, "section_doc": { "sha256": "373819c9e83a5035dbdb1f889c47c0965e78de22b7f260e692636b1379fd0d3e", "bytes_utf8": 961 }, "section_ref": { "sha256": "e8114e4c519bf77321598090b39206b9f6146c0ccd0d90bc6b8f8b1cc184ce40", "bytes_utf8": 1244 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 3.2", "json_category": "MAP-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-3-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 3.3", "skos:prefLabel": "MAP 3.3", "skos:definition": "Targeted application scope is specified and documented based on the system’s capability, established context, and AI system categorization.", "sov:function": "Map", "sov:category": "MAP-3", "sov:topics": [ "Context of Use", "Documentation" ], "sov:aiActors": [ "AI Design", "AI Development", "Human Factors" ], "sov:sourceTextHashes": { "section_about": { "sha256": "ae11bc8511e570347ed6bc52870e835008d1161fba1499d9da2e414d76176f8c", "bytes_utf8": 723 }, "section_actions": { "sha256": "9ebeaf48a4b55697ef7144d8883aeca4aa97daf3b768656da2815282e13a4426", "bytes_utf8": 686 }, "section_doc": { "sha256": "da949accc5b9c97134420d3362ac3206bfe093d3f5f681ad54ff177eab7aca85", "bytes_utf8": 686 }, "section_ref": { "sha256": "4765fd3f929234ac4a4d1296cc7873b10fdcc35d29f3f4184fe5e40f28620f60", "bytes_utf8": 774 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 3.3", "json_category": "MAP-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-3-4", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 3.4", "skos:prefLabel": "MAP 3.4", "skos:definition": "Processes for operator and practitioner proficiency with AI system performance and trustworthiness – and relevant technical standards and certifications – are defined, assessed and documented.", "sov:function": "Map", "sov:category": "MAP-3", "sov:topics": [ "Human-AI teaming" ], "sov:aiActors": [ "AI Design", "AI Development", "Human Factors", "End-Users", "Domain Experts", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "6895d5a557e0666d7d9744d82ad0ecdd047de27c1ece620641f9f78f3290205b", "bytes_utf8": 1864 }, "section_actions": { "sha256": "fd9d7a9076546804ccfaf80dd4a627f64bc0c29138649ea1d75da54f954698e9", "bytes_utf8": 1787 }, "section_doc": { "sha256": "33961c0425f1f2ad3fbd98756f4f72d580d63bf9031989395a13b1f7c29595d4", "bytes_utf8": 1134 }, "section_ref": { "sha256": "df1ac532e84fb97ff0d8b398c36e314485abae3807791b9900c13878fd54cd96", "bytes_utf8": 2700 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 3.4", "json_category": "MAP-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-3-5", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 3.5", "skos:prefLabel": "MAP 3.5", "skos:definition": "Processes for human oversight are defined, assessed, and documented in accordance with organizational policies from GOVERN function.", "sov:function": "Map", "sov:category": "MAP-3", "sov:topics": [ "Human oversight" ], "sov:aiActors": [ "Human Factors", "End-Users", "Domain Experts", "Operation and Monitoring", "AI Design" ], "sov:sourceTextHashes": { "section_about": { "sha256": "e253d58901fe48f62502318edf2fe4a3641573b86fa385ac83468d439b9697d1", "bytes_utf8": 1158 }, "section_actions": { "sha256": "05b89912fe6932221b86b61431bdd5d2cddf829415f29107dbadaa4ccad4c4f4", "bytes_utf8": 1012 }, "section_doc": { "sha256": "a73e728d4f2dc798fe56d1e43d438e781cbcc911c0a38696907ad44441c61f8c", "bytes_utf8": 829 }, "section_ref": { "sha256": "c207c7634e88cd65e8b398344d1439c21dad67fc67c24b1b341d55bbfe56a430", "bytes_utf8": 1573 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 3.5", "json_category": "MAP-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-4-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 4.1", "skos:prefLabel": "MAP 4.1", "skos:definition": "Approaches for mapping AI technology and legal risks of its components – including the use of third-party data or software – are in place, followed, and documented, as are risks of infringement of a third-party’s intellectual property or other rights.", "sov:function": "Map", "sov:category": "MAP-4", "sov:topics": [ "Legal and Regulatory", "Third-party", "Pre-trained models", "Supply Chain", "Risk Tolerance", "Risky Emergent Behavior" ], "sov:aiActors": [ "Third-party entities", "Procurement", "Operation and Monitoring", "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "22511352e212744145a1377ff9b73baeb35a6f81eadfb97791525c39d4980c9b", "bytes_utf8": 598 }, "section_actions": { "sha256": "c1742ce6402d05266ed5acefcb94697a0b58387c7cfbc98d1ff7d204e9aa0dde", "bytes_utf8": 798 }, "section_doc": { "sha256": "55a7ee4c868da3f5f7c218ebeaba52c459efefd80cc7c12d000d2568909139d7", "bytes_utf8": 928 }, "section_ref": { "sha256": "d1c284e9e1ae9292f838edc46ae16d73e6f5e20ec1d2e9b2d4e0b7a79ccdf1a5", "bytes_utf8": 1751 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 4.1", "json_category": "MAP-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-4-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 4.2", "skos:prefLabel": "MAP 4.2", "skos:definition": "Internal risk controls for components of the AI system including third-party AI technologies are identified and documented.", "sov:function": "Map", "sov:category": "MAP-4", "sov:topics": [ "Third-party", "Pre-trained models" ], "sov:aiActors": [ "AI Deployment", "TEVV", "Operation and Monitoring", "Third-party entities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "e164af94aac322fba7a8cf798c57d24c2c3a0bbbc228b98e7d09ec26da1e90f9", "bytes_utf8": 342 }, "section_actions": { "sha256": "9e832979d841be1a8b119e896de38272694879157861103c47fb8c776115e250", "bytes_utf8": 526 }, "section_doc": { "sha256": "552dbf463a9b2c6a4b095aa8b6a31a6229ca714146775f1cb0efbee2f56e0ac3", "bytes_utf8": 1216 }, "section_ref": { "sha256": "3b6e3a6afd852dfe3c5200ffc0e8cce71e401632dcf533f1bb478f1e66bfcab5", "bytes_utf8": 702 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 4.2", "json_category": "MAP-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-5-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 5.1", "skos:prefLabel": "MAP 5.1", "skos:definition": "Likelihood and magnitude of each identified impact (both potentially beneficial and harmful) based on expected use, past uses of AI systems in similar contexts, public incident reports, feedback from those external to the team that developed or deployed the AI system, or other data are identified and documented.", "sov:function": "Map", "sov:category": "MAP-5", "sov:topics": [ "Participation", "Impact Assessment" ], "sov:aiActors": [ "AI Design", "AI Development", "AI Deployment", "AI Impact Assessment", "Operation and Monitoring", "Affected Individuals and Communities", "End-Users" ], "sov:sourceTextHashes": { "section_about": { "sha256": "c71f770744fe0ef2cb013a2498695d3ce0d5e387cd5aab36a844b9cff5a035eb", "bytes_utf8": 380 }, "section_actions": { "sha256": "69f30190f56a81dd8841e7dd7b6edf1fe39678db98d3abd1ffafab10f7403ed5", "bytes_utf8": 650 }, "section_doc": { "sha256": "b87a5623b40cb45237391f1a1fd49fb9f5c9a00547681d8ab072f369506cd8a0", "bytes_utf8": 1151 }, "section_ref": { "sha256": "3bb9df86c9c79ed6ef0c5262ffe4520cf77341b16e4dba8a5b950f8e84f64bd5", "bytes_utf8": 1002 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 5.1", "json_category": "MAP-5" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#map-5-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MAP 5.2", "skos:prefLabel": "MAP 5.2", "skos:definition": "Practices and personnel for supporting regular engagement with relevant AI actors and integrating feedback about positive, negative, and unanticipated impacts are in place and documented.", "sov:function": "Map", "sov:category": "MAP-5", "sov:topics": [ "Participation", "Impact Assessment" ], "sov:aiActors": [ "AI Design", "Human Factors", "AI Deployment", "AI Impact Assessment", "Operation and Monitoring", "Domain Experts", "Affected Individuals and Communities", "End-Users" ], "sov:sourceTextHashes": { "section_about": { "sha256": "8a4e3683ccba37e558a3a87f342ba91befab6ca301cc54768f53cae9fdd96f19", "bytes_utf8": 757 }, "section_actions": { "sha256": "2d5714f16546103b35112aad82d9c2509e46c22ca7e28a9284b3136c7bcb529e", "bytes_utf8": 1312 }, "section_doc": { "sha256": "6716bdddf1ef885441822100da58936303bc408c3dce8fb842523221c669da29", "bytes_utf8": 1397 }, "section_ref": { "sha256": "6983ec57ec87fece4bb83ccc6a5ad93a596a85e580394b70501623edcd4f3abb", "bytes_utf8": 2754 } }, "sov:evidenceMapping": [ "evidence_graph", "component_lineage", "aibom_style_inventory", "source_catalog", "excluded_inputs_record", "intended_use_boundary" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MAP 5.2", "json_category": "MAP-5" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-1-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 1.1", "skos:prefLabel": "MEASURE 1.1", "skos:definition": "Approaches and metrics for measurement of AI risks enumerated during the Map function are selected for implementation starting with the most significant AI risks. The risks or trustworthiness characteristics that will not – or cannot – be measured are properly documented.", "sov:function": "Measure", "sov:category": "MEASURE-1", "sov:topics": [ "Trustworthy Characteristics", "Risk Assessment", "Risky Emergent Behavior", "TEVV", "Validity and Reliability", "Safety", "Secure and Resilient", "Accountability and Transparency", "Explainability and Interpretability", "Privacy", "Fairness and Bias" ], "sov:aiActors": [ "AI Development", "TEVV", "Domain Experts" ], "sov:sourceTextHashes": { "section_about": { "sha256": "35f38be4c0168fc665016803a9b697609614a32c0b9454e01959c8024ac1a648", "bytes_utf8": 1115 }, "section_actions": { "sha256": "be54db8a036291837a3c663a1efe57c2bdff9a79985db930b2052f908fd6c050", "bytes_utf8": 1555 }, "section_doc": { "sha256": "aaaa59f5d599ba8f79ea0f4a0c563c04d8e5b869c49cd9107ece36be1b982424", "bytes_utf8": 1123 }, "section_ref": { "sha256": "eea7e384e3814806353cebb39b28843cb5e82f076dc7c679f0c55a941a6ff165", "bytes_utf8": 1492 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 1.1", "json_category": "MEASURE-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-1-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 1.2", "skos:prefLabel": "MEASURE 1.2", "skos:definition": "Appropriateness of AI metrics and effectiveness of existing controls is regularly assessed and updated including reports of errors and impacts on affected communities.", "sov:function": "Measure", "sov:category": "MEASURE-1", "sov:topics": [ "Impact Assessment", "TEVV", "Context of Use" ], "sov:aiActors": [ "TEVV", "AI Impact Assessment", "AI Development", "AI Deployment", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "11813b45a3b5d95cab7d7133443d4f95d4cb90d238e0836ff89ccdcbdb2ab485", "bytes_utf8": 475 }, "section_actions": { "sha256": "45e12f4d3ea73ed43b06a82770fa6653a6ccfa0f6028f7f3fc827e804b793e98", "bytes_utf8": 1061 }, "section_doc": { "sha256": "40ff236e53659f8f6c2dbde3e330fdce874651f93b3bb698ef1276addfb6bf88", "bytes_utf8": 839 }, "section_ref": { "sha256": "f7c54296781984d744a15d342a8955d780d967e678ab175376f6d62bb4fa5028", "bytes_utf8": 1323 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 1.2", "json_category": "MEASURE-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-1-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 1.3", "skos:prefLabel": "MEASURE 1.3", "skos:definition": "Internal experts who did not serve as front-line developers for the system and/or independent assessors are involved in regular assessments and updates. Domain experts, users, AI actors external to the team that developed or deployed the AI system, and affected communities are consulted in support of assessments as necessary per organizational risk tolerance.", "sov:function": "Measure", "sov:category": "MEASURE-1", "sov:topics": [ "Participation", "Impact Assessment", "Context of Use" ], "sov:aiActors": [ "TEVV", "AI Impact Assessment", "AI Development", "AI Deployment", "Affected Individuals and Communities", "Domain Experts", "End-Users", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "bb7a2386e608fb3e78e834e0b74b1fbb252dcc851ee80b885b7ea0950ba65967", "bytes_utf8": 886 }, "section_actions": { "sha256": "be3e047a880217fe8ed66566f89215abeb8f113e97d06e429113f80545b15815", "bytes_utf8": 1335 }, "section_doc": { "sha256": "a58c8861959df6495cc7e15d047cddd6d02ea59996964e535be659f81272ef29", "bytes_utf8": 1344 }, "section_ref": { "sha256": "3fa22ccfacf0a4fd1e1145a4f22ea5f421be6fb8253fee2ce8e439d4c298be37", "bytes_utf8": 1066 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 1.3", "json_category": "MEASURE-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.1", "skos:prefLabel": "MEASURE 2.1", "skos:definition": "Test sets, metrics, and details about the tools used during test, evaluation, validation, and verification (TEVV) are documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Documentation", "Validity and Reliability" ], "sov:aiActors": [ "TEVV" ], "sov:sourceTextHashes": { "section_about": { "sha256": "14af0dbafd1083647956e5ff31475a04a08be1562884ae8cf82ceeda0cfa49f8", "bytes_utf8": 285 }, "section_actions": { "sha256": "677fcf2ab730c3406ff0421b70f46713141cc38a316afb2e63f347fdd009a524", "bytes_utf8": 340 }, "section_doc": { "sha256": "020d37698116d9681a577ff988b00c91a5292fe711bed2f059f6165d41b5970e", "bytes_utf8": 936 }, "section_ref": { "sha256": "e58ef93d4449e21358fd8cc2f6836093ff0e6c185b138b574f17b83401c04df9", "bytes_utf8": 1994 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.1", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-10", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.10", "skos:prefLabel": "MEASURE 2.10", "skos:definition": "Privacy risk of the AI system – as identified in the MAP function – is examined and documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Privacy", "Trustworthy Characteristics" ], "sov:aiActors": [ "TEVV", "Domain Experts", "Operation and Monitoring", "AI Impact Assessment", "AI Deployment", "End-Users" ], "sov:sourceTextHashes": { "section_about": { "sha256": "cc42542d396688ebe03ddbd5fbd07f1d5525f1064de9f6380468bf17bfcfb54b", "bytes_utf8": 1241 }, "section_actions": { "sha256": "c41918fc4f2bdc51b3b7fd14a27835fed3765804ee0797b29495a2e2c1a876de", "bytes_utf8": 1453 }, "section_doc": { "sha256": "a5b8e175f8ef6ed5ff60c97461ea3bea2846f78babb880541a4d333f5b7711d9", "bytes_utf8": 1118 }, "section_ref": { "sha256": "0067d24f829754fbbcda8549a738302a940cd69d7ec08c3899ef06461f6f6030", "bytes_utf8": 4136 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.10", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-11", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.11", "skos:prefLabel": "MEASURE 2.11", "skos:definition": "Fairness and bias – as identified in the MAP function – are evaluated and results are documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Fairness and Bias", "Trustworthy Characteristics" ], "sov:aiActors": [ "TEVV", "Domain Experts", "Operation and Monitoring", "AI Impact Assessment", "AI Deployment", "End-Users", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "70be6c47a1328700d2efa16d855972e42fd6890f314726fad90e791edd361e2c", "bytes_utf8": 2065 }, "section_actions": { "sha256": "7e4c6de783a88ecf6e4fad06e1ec498a907494bb867973cbcd9a771971732132", "bytes_utf8": 5112 }, "section_doc": { "sha256": "5771bd24fb0a93994dfdc3215204b88681979c7511446b56faf81042a256f703", "bytes_utf8": 1539 }, "section_ref": { "sha256": "4155e61c5b2eb80dd5a71234cc2b57362791a8c3e2f9165fe1b690bcb71d6c1f", "bytes_utf8": 7693 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.11", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-12", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.12", "skos:prefLabel": "MEASURE 2.12", "skos:definition": "Environmental impact and sustainability of AI model training and management activities – as identified in the MAP function – are assessed and documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Environmental Impact" ], "sov:aiActors": [ "TEVV", "Domain Experts", "Operation and Monitoring", "AI Impact Assessment", "AI Deployment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "94011343a7ac137917fcdf31b1651392191b8da9f6ed6d9a409a7d08be89bb7b", "bytes_utf8": 881 }, "section_actions": { "sha256": "d3e50d9c60c12224a4540fc71b04bba1399959953c27c6648bf101785c9b23ee", "bytes_utf8": 987 }, "section_doc": { "sha256": "39abc474e99fb8510a9e9b84ea9c5deadb103f7bf6a8cfa9292ec3f5508b2aaf", "bytes_utf8": 888 }, "section_ref": { "sha256": "c0de3d0cd5598da6d584d00c3119b4ce7a1637ac8eb0080759cdeb8b5444f7ce", "bytes_utf8": 1243 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.12", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-13", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.13", "skos:prefLabel": "MEASURE 2.13", "skos:definition": "Effectiveness of the employed TEVV metrics and processes in the MEASURE function are evaluated and documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Effectiveness" ], "sov:aiActors": [ "TEVV", "AI Deployment", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "b4f364cdfce1f368d9291c42a77dac39c45dddd86527233cab73e20c0dfbc97f", "bytes_utf8": 625 }, "section_actions": { "sha256": "da6d0d804ed2eeeb414382c534f837ada6a856e037c4f98df5489b3d6049b303", "bytes_utf8": 475 }, "section_doc": { "sha256": "6da72fcee6fe6fb2657bb37b503a3a6da7eafff9810e93f1abc485e51722c75e", "bytes_utf8": 1026 }, "section_ref": { "sha256": "712fb0db177ace474a04c397b36d826b6a8fd9da13155919ef19ee5cb8b0d640", "bytes_utf8": 924 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.13", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.2", "skos:prefLabel": "MEASURE 2.2", "skos:definition": "Evaluations involving human subjects meet applicable requirements (including human subject protection) and are representative of the relevant population.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "Data", "Human Subjects Protection" ], "sov:aiActors": [ "TEVV", "Human Factors", "AI Development" ], "sov:sourceTextHashes": { "section_about": { "sha256": "e3959d02083f1ae03d7ffdcbaa3a54124aaaaca429a094e482e971522246b603", "bytes_utf8": 1270 }, "section_actions": { "sha256": "cc6f381f0a215ff220994c0103b05bc6a00761776cd74f0f23612e63bd997a9d", "bytes_utf8": 1185 }, "section_doc": { "sha256": "ec75e542ace2b73d5b0a71ca203f8df2278816cda9dc8596a67b5980699dd839", "bytes_utf8": 1729 }, "section_ref": { "sha256": "a167523bb0e5eed283e9efc187ea5bbe680c08d7c20b10bca3aa486acdc03d28", "bytes_utf8": 3625 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.2", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.3", "skos:prefLabel": "MEASURE 2.3", "skos:definition": "AI system performance or assurance criteria are measured qualitatively or quantitatively and demonstrated for conditions similar to deployment setting(s). Measures are documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Impact Assessment" ], "sov:aiActors": [ "TEVV", "AI Deployment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "fa68285dbce6ec0e429c347791122f1ea6f9a1eebc4b211a54cb6a7218406bd8", "bytes_utf8": 672 }, "section_actions": { "sha256": "affe5b7724e4c25c85b8a29a3c309faf6374496fec17f9209223f969822999a5", "bytes_utf8": 1110 }, "section_doc": { "sha256": "5cf6ecd280784f3fcbd3f2991a2748cdd2be01d827ae37152b09970ee7e45f79", "bytes_utf8": 1223 }, "section_ref": { "sha256": "978a76a7a5bf4d62fa40e59bc13d62f8d1da5a00818370ad6ebb2ec1111fb0e7", "bytes_utf8": 2463 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.3", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-4", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.4", "skos:prefLabel": "MEASURE 2.4", "skos:definition": "The functionality and behavior of the AI system and its components – as identified in the MAP function – are monitored when in production.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Monitoring", "Drift" ], "sov:aiActors": [ "AI Deployment", "TEVV" ], "sov:sourceTextHashes": { "section_about": { "sha256": "a4660dab37b7446f99ca2b1f809cc3cdd3b98e8c2310fc9ba2b658c9f1a10d99", "bytes_utf8": 462 }, "section_actions": { "sha256": "1e17d075c106730303be183f4d76497ee5346fa039653c6fae2076cd98276e14", "bytes_utf8": 1485 }, "section_doc": { "sha256": "cf95822837f04d0663817951536d85dd234c32fd33b7ee399ec81e6d7b4c7377", "bytes_utf8": 859 }, "section_ref": { "sha256": "9e5a4a57a216c7d6baadb75634c6d84adef21545329b34cc215cc3ecf7d9dec2", "bytes_utf8": 342 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.4", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-5", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.5", "skos:prefLabel": "MEASURE 2.5", "skos:definition": "The AI system to be deployed is demonstrated to be valid and reliable. Limitations of the generalizability beyond the conditions under which the technology was developed are documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Validity and Reliability", "Trustworthy Characteristics", "Data" ], "sov:aiActors": [ "TEVV", "Domain Experts" ], "sov:sourceTextHashes": { "section_about": { "sha256": "3c6da8997c2522686c91aabab188fc18202c9409cde5bc1a50d929bcb90da100", "bytes_utf8": 1105 }, "section_actions": { "sha256": "4555a76b6bc3d86fa7ca534d0c65f94a2b182786c31c5d3bcaeed094ccd31cb6", "bytes_utf8": 2358 }, "section_doc": { "sha256": "3b35dc6a97566b46b4ce41f112375b7be317635a6b8fad3cf598bf21a3b6212f", "bytes_utf8": 934 }, "section_ref": { "sha256": "a96b7efa498017ddc6358e120061cb6f380c9b47c771db19cc4601ed1aa9dfde", "bytes_utf8": 1718 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.5", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-6", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.6", "skos:prefLabel": "MEASURE 2.6", "skos:definition": "AI system is evaluated regularly for safety risks – as identified in the MAP function. The AI system to be deployed is demonstrated to be safe, its residual negative risk does not exceed the risk tolerance, and can fail safely, particularly if made to operate beyond its knowledge limits. Safety metrics implicate system reliability and robustness, real-time monitoring, and response times for AI system failures.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Safety", "Trustworthy Characteristics", "Context of Use" ], "sov:aiActors": [ "TEVV", "Domain Experts", "Operation and Monitoring", "AI Impact Assessment", "AI Deployment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "ac8a1f6b65f534953a4d43cb02ac3c012ca8dd0782e213e0c445e1a36996d8a0", "bytes_utf8": 1270 }, "section_actions": { "sha256": "0208f8723d0ecb3c1fa0a18de92be440cc12cc629f1541f7846b9034456bbff2", "bytes_utf8": 1719 }, "section_doc": { "sha256": "aa69f5203980d07eebd303161d9272506e56d9fd76ab9e42fdeb2a65ab4abb42", "bytes_utf8": 1201 }, "section_ref": { "sha256": "da06c6e06acbff86f3c064bfc94645c05f57ce76a47929a645d96fd3677e4391", "bytes_utf8": 1048 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.6", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-7", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.7", "skos:prefLabel": "MEASURE 2.7", "skos:definition": "AI system security and resilience – as identified in the MAP function – are evaluated and documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Secure and Resilient", "Trustworthy Characteristics", "Adversarial", "Risky Emergent Behavior" ], "sov:aiActors": [ "TEVV", "Domain Experts", "Operation and Monitoring", "AI Impact Assessment", "AI Deployment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "dc481eaca5036ebfef1bb3878952eaf22b283226837a7c7edd8edc1696249e52", "bytes_utf8": 1112 }, "section_actions": { "sha256": "066a20bd5e21f63e2a3df58fb1b1d89e491c7a4f482dc140b2fb585dedf6e201", "bytes_utf8": 1631 }, "section_doc": { "sha256": "43a92dd40783a7037fcb86b040901b3488ccb881dcb5412ce11d63569358a324", "bytes_utf8": 1131 }, "section_ref": { "sha256": "f51a46a925517706278522815563ef3c313000c571574fb8b431bcb2a9238e12", "bytes_utf8": 1633 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.7", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-8", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.8", "skos:prefLabel": "MEASURE 2.8", "skos:definition": "Risks associated with transparency and accountability – as identified in the MAP function – are examined and documented.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Accountability and Transparency", "Trustworthy Characteristics" ], "sov:aiActors": [ "TEVV", "Domain Experts", "Operation and Monitoring", "AI Impact Assessment", "AI Deployment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "314c0e52260552aa27f50ffdc4490aa6606147af212ee7647dab0ed27d908e1a", "bytes_utf8": 1707 }, "section_actions": { "sha256": "4ab2f0f2d2fb56b7584916ffcdae7ee147e2212c9d15fa4861e74b858f065ac6", "bytes_utf8": 1732 }, "section_doc": { "sha256": "72df5530e73a98c7074a9161425241fe81e13d07b628ec36f60f31200a8baa52", "bytes_utf8": 1022 }, "section_ref": { "sha256": "52ab20f43419eb48e653d5196ceb92ef04ededa932d734459ddea1317194541a", "bytes_utf8": 1475 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.8", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-2-9", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 2.9", "skos:prefLabel": "MEASURE 2.9", "skos:definition": "The AI model is explained, validated, and documented, and AI system output is interpreted within its context – as identified in the MAP function – and to inform responsible use and governance.", "sov:function": "Measure", "sov:category": "MEASURE-2", "sov:topics": [ "TEVV", "Explainability and Interpretability", "Trustworthy Characteristics" ], "sov:aiActors": [ "TEVV", "Domain Experts", "Operation and Monitoring", "AI Impact Assessment", "AI Deployment", "End-Users" ], "sov:sourceTextHashes": { "section_about": { "sha256": "c7d3f9f176400a4af50b2d18614b778f3073e37fdf0d0c3754b97db96baf4fb9", "bytes_utf8": 1237 }, "section_actions": { "sha256": "67fb8032c203f9ee8ae417638eaf744934c95209ac276741e95c840698f40c5b", "bytes_utf8": 2008 }, "section_doc": { "sha256": "f259f5a7ff19f6dce375a51bbeb788dd98ad27a220cb8a56cfb5f41ad80b317b", "bytes_utf8": 1334 }, "section_ref": { "sha256": "bba84df31f432c4cd60f983a96ebdc5a39c4313680d18f8ab6f5dadd4d0540fc", "bytes_utf8": 4661 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 2.9", "json_category": "MEASURE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-3-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 3.1", "skos:prefLabel": "MEASURE 3.1", "skos:definition": "Approaches, personnel, and documentation are in place to regularly identify and track existing, unanticipated, and emergent AI risks based on factors such as intended and actual performance in deployed contexts.", "sov:function": "Measure", "sov:category": "MEASURE-3", "sov:topics": [ "TEVV", "Monitoring", "Continual Improvement" ], "sov:aiActors": [ "TEVV", "AI Impact Assessment", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "d2768677ff12deefe32c12aae00662d1de2a201c3e114740a3c782ded6494b85", "bytes_utf8": 541 }, "section_actions": { "sha256": "25d175e4ebd5f2e01a951661ca1e142b6717afe3e57e6f79ad4409464f83de23", "bytes_utf8": 997 }, "section_doc": { "sha256": "6978d6a11ac3e0d67a9b9aea5b25b3da5ec9e7beb8ba9622b032c9a9cbd68514", "bytes_utf8": 1131 }, "section_ref": { "sha256": "e7fb91588417b412c416a2979683debcf78f16a3cdd37bb94bae9ac373251d67", "bytes_utf8": 312 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 3.1", "json_category": "MEASURE-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-3-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 3.2", "skos:prefLabel": "MEASURE 3.2", "skos:definition": "Risk tracking approaches are considered for settings where AI risks are difficult to assess using currently available measurement techniques or where metrics are not yet available.", "sov:function": "Measure", "sov:category": "MEASURE-3", "sov:topics": [ "Monitoring", "Continual Improvement" ], "sov:aiActors": [ "TEVV", "Domain Experts", "AI Impact Assessment", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "24898c02242d4d1ab2f166ed279036ad49e2e069bc67e3ea4dd3e3cb8f6c2e72", "bytes_utf8": 249 }, "section_actions": { "sha256": "16cec45f21cec80942d81749f5a4a3f5c07b26a6159c4f4ca10f86b3b54b4d1e", "bytes_utf8": 806 }, "section_doc": { "sha256": "2d773a7ac6ddbd5ab1f476d7178aa30ee64aaea1e6b031665a0d94d1972907f9", "bytes_utf8": 1202 }, "section_ref": { "sha256": "ebf009a146088f95a91b56d84b80e51d636d318e97559e59924f9964e8522a15", "bytes_utf8": 1806 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 3.2", "json_category": "MEASURE-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-3-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 3.3", "skos:prefLabel": "MEASURE 3.3", "skos:definition": "Feedback processes for end users and impacted communities to report problems and appeal system outcomes are established and integrated into AI system evaluation metrics.", "sov:function": "Measure", "sov:category": "MEASURE-3", "sov:topics": [ "Participation", "Contestability", "TEVV", "Impact Assessment" ], "sov:aiActors": [ "TEVV", "AI Deployment", "Operation and Monitoring", "End-Users", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "696d89595bdd061d01c66baa48300222c7d1af9f97d21acf84f05368a3b624f6", "bytes_utf8": 520 }, "section_actions": { "sha256": "ed61e06dbc1e026dd42f047dcc95b0163a53a6e4cce735a4d38e9cfd88fc1443", "bytes_utf8": 553 }, "section_doc": { "sha256": "e2168deb1b0346ea6b761ee48b4128c4fb3cc3140517b7cf265e1c214f262fa9", "bytes_utf8": 1001 }, "section_ref": { "sha256": "924fddfb0ef347131f6d4a3964d2c52195ae64c408de90212848fefc01f9b0d2", "bytes_utf8": 2166 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 3.3", "json_category": "MEASURE-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-4-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 4.1", "skos:prefLabel": "MEASURE 4.1", "skos:definition": "Measurement approaches for identifying AI risks are connected to deployment context(s) and informed through consultation with domain experts and other end users. Approaches are documented.", "sov:function": "Measure", "sov:category": "MEASURE-4", "sov:topics": [ "TEVV", "Participation", "Context of Use" ], "sov:aiActors": [ "TEVV", "AI Deployment", "Operation and Monitoring", "End-Users", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "4b73b027a992454c2b36966d4617a5f966bec04f031d2bd771f1385c5720d65d", "bytes_utf8": 1088 }, "section_actions": { "sha256": "836473f6f04f9d7224b04c1a61d96b5b073c839fa1d7e127c28829d558be467a", "bytes_utf8": 1293 }, "section_doc": { "sha256": "0cda71ec896fdb0ca13db55743afa487ce892580a6859c6df7139bd56e6aedc6", "bytes_utf8": 1139 }, "section_ref": { "sha256": "a24f74ef57d3f0a06873af0703c77fb649e63b66d556905311087262dbe51a17", "bytes_utf8": 4637 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 4.1", "json_category": "MEASURE-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-4-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 4.2", "skos:prefLabel": "MEASURE 4.2", "skos:definition": "Measurement results regarding AI system trustworthiness in deployment context(s) and across AI lifecycle are informed by input from domain experts and other relevant AI actors to validate whether the system is performing consistently as intended. Results are documented.", "sov:function": "Measure", "sov:category": "MEASURE-4", "sov:topics": [ "TEVV", "Participation", "Trustworthy Characteristics", "Validity and Reliability", "Safety", "Secure and Resilient", "Accountability and Transparency", "Explainability and Interpretability", "Privacy", "Fairness and Bias" ], "sov:aiActors": [ "TEVV", "AI Deployment", "Domain Experts", "Operation and Monitoring", "End-Users" ], "sov:sourceTextHashes": { "section_about": { "sha256": "2233dccae34f60e70a46e24a1cb35822ad4d2395569de5378124b7a2b910c2bf", "bytes_utf8": 626 }, "section_actions": { "sha256": "ae8c58f35b4b4d00985ac0a7871e70a02742b6b35fd216aa9c9aa9a4b67e3a03", "bytes_utf8": 947 }, "section_doc": { "sha256": "f8c770e9f43d1cd0db51f1e75f5e8fe6c4f9b8c208bd9a4d346e95c177b460a2", "bytes_utf8": 1032 }, "section_ref": { "sha256": "a24f74ef57d3f0a06873af0703c77fb649e63b66d556905311087262dbe51a17", "bytes_utf8": 4637 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 4.2", "json_category": "MEASURE-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#measure-4-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MEASURE 4.3", "skos:prefLabel": "MEASURE 4.3", "skos:definition": "Measurable performance improvements or declines based on consultations with relevant AI actors including affected communities, and field data about context-relevant risks and trustworthiness characteristics, are identified and documented.", "sov:function": "Measure", "sov:category": "MEASURE-4", "sov:topics": [ "TEVV", "Participation", "Trustworthy Characteristics", "Validity and Reliability", "Safety", "Secure and Resilient", "Accountability and Transparency", "Explainability and Interpretability", "Privacy", "Fairness and Bias" ], "sov:aiActors": [ "TEVV", "AI Deployment", "Operation and Monitoring", "End-Users", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "d33db58f701549033b555c0630788cbc6ffe893d8031409a84e213055c2bef35", "bytes_utf8": 627 }, "section_actions": { "sha256": "6b0c1b2ad859c8981afd6de7ebe10943c6b953a0319d4de3e13d2a1780008ca9", "bytes_utf8": 730 }, "section_doc": { "sha256": "47f6ef6ffac38ce60cf4b44c2d336e4cc9b0c6329181700fd9843492476827e9", "bytes_utf8": 1245 }, "section_ref": { "sha256": "a24f74ef57d3f0a06873af0703c77fb649e63b66d556905311087262dbe51a17", "bytes_utf8": 4637 } }, "sov:evidenceMapping": [ "tevv_report", "deterministic_replay_receipt", "tamper_test_receipt", "monitoring_record", "fail_closed_gate_result", "metric_drift_receipt" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MEASURE 4.3", "json_category": "MEASURE-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-1-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 1.1", "skos:prefLabel": "MANAGE 1.1", "skos:definition": "A determination is made as to whether the AI system achieves its intended purpose and stated objectives and whether its development or deployment should proceed.", "sov:function": "Manage", "sov:category": "MANAGE-1", "sov:topics": [ "AI Deployment", "Risk Assessment" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "AI Impact Assessment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "b416505ae5faad0ab7f49196a15b8d9a6550a288e435e478c099a9d8110d884e", "bytes_utf8": 464 }, "section_actions": { "sha256": "fe8f26ae5a05addca75a15e2445b8c15dc2c0de938779193d87dfc3c4a79dc4c", "bytes_utf8": 590 }, "section_doc": { "sha256": "75682a04dee89c4870386b3b98dc93432bb73869900eaa22ca431d46a6aecb73", "bytes_utf8": 1004 }, "section_ref": { "sha256": "f80cf7dbac4854faf72d3982c44e3c280021a54ab86ed775ba198f6ce4b4328f", "bytes_utf8": 1664 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 1.1", "json_category": "MANAGE-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-1-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 1.2", "skos:prefLabel": "MANAGE 1.2", "skos:definition": "Treatment of documented AI risks is prioritized based on impact, likelihood, or available resources or methods.", "sov:function": "Manage", "sov:category": "MANAGE-1", "sov:topics": [ "Risk Tolerance" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "AI Impact Assessment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "df4ad23cf0a2143d7182aea2252f8f58c7cd87ae01c760546c50a99510afc836", "bytes_utf8": 684 }, "section_actions": { "sha256": "bbfd43ef3eada1b255406a264fbe4cf9c4189e645b08daef57e092d0b56c038a", "bytes_utf8": 392 }, "section_doc": { "sha256": "0e7b3a97c5b7dbc5b18b366f1e025b14e4eb0ba695e1907a9f18daa3a4df1eda", "bytes_utf8": 877 }, "section_ref": { "sha256": "f80cf7dbac4854faf72d3982c44e3c280021a54ab86ed775ba198f6ce4b4328f", "bytes_utf8": 1664 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 1.2", "json_category": "MANAGE-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-1-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 1.3", "skos:prefLabel": "MANAGE 1.3", "skos:definition": "Responses to the AI risks deemed high priority as identified by the Map function, are developed, planned, and documented. Risk response options can include mitigating, transferring, avoiding, or accepting.", "sov:function": "Manage", "sov:category": "MANAGE-1", "sov:topics": [ "Legal and Regulatory", "Risk Tolerance" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "AI Impact Assessment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "641f5864fab151e6acd228eccab904d7cecafffba93214d51f7fea97497d0cf1", "bytes_utf8": 539 }, "section_actions": { "sha256": "d6757474a49d8448ca92910970ade88487f73f5dea0fb43f88d0582f72687255", "bytes_utf8": 669 }, "section_doc": { "sha256": "3269f5556936b8c61106b4066372897a55d1b24f454196724027ae838459cdf2", "bytes_utf8": 748 }, "section_ref": { "sha256": "f80cf7dbac4854faf72d3982c44e3c280021a54ab86ed775ba198f6ce4b4328f", "bytes_utf8": 1664 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 1.3", "json_category": "MANAGE-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-1-4", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 1.4", "skos:prefLabel": "MANAGE 1.4", "skos:definition": "Negative residual risks (defined as the sum of all unmitigated risks) to both downstream acquirers of AI systems and end users are documented.", "sov:function": "Manage", "sov:category": "MANAGE-1", "sov:topics": [ "Risk Response" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "AI Impact Assessment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "d543003cc660174faff09cdde32413ca00c6b19c145f55621626cf92bc3e1fa2", "bytes_utf8": 404 }, "section_actions": { "sha256": "6feed81d50c0acdb8ecdc3c83850dd759ce0861d0c7fed83c7ef06749c378416", "bytes_utf8": 378 }, "section_doc": { "sha256": "aafb292be95a8b03afc710564410843064b2cf318832b5b043a6e06c6ccc22e0", "bytes_utf8": 942 }, "section_ref": { "sha256": "f80cf7dbac4854faf72d3982c44e3c280021a54ab86ed775ba198f6ce4b4328f", "bytes_utf8": 1664 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 1.4", "json_category": "MANAGE-1" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-2-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 2.1", "skos:prefLabel": "MANAGE 2.1", "skos:definition": "Resources required to manage AI risks are taken into account, along with viable non-AI alternative systems, approaches, or methods – to reduce the magnitude or likelihood of potential impacts.", "sov:function": "Manage", "sov:category": "MANAGE-2", "sov:topics": [ "Risk Tolerance", "Trade-offs" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "AI Impact Assessment", "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "f597b51c42bac0b34d603de638b731f96eb282b70f6fa247702645eaa7ec4a7e", "bytes_utf8": 488 }, "section_actions": { "sha256": "b903deb4f68b505807d0659f47d7a8acb8b7f6781ba1dd746659f750a4ace48e", "bytes_utf8": 1377 }, "section_doc": { "sha256": "fa5dded3e6133b9765f85efaeeb5b9ea0cc2ee1779b4202f90c6efcd745134f1", "bytes_utf8": 731 }, "section_ref": { "sha256": "f220c90870572f109770e0166b7f9e5879fd0c849804758be6a3e731b123d4e4", "bytes_utf8": 1093 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 2.1", "json_category": "MANAGE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-2-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 2.2", "skos:prefLabel": "MANAGE 2.2", "skos:definition": "Mechanisms are in place and applied to sustain the value of deployed AI systems.", "sov:function": "Manage", "sov:category": "MANAGE-2", "sov:topics": [ "AI Deployment", "Drift", "Societal Values" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "AI Impact Assessment", "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "18ae93b9ab12c977572a2519b25635335cf6dedff4f94c7572a3e85f93e6428c", "bytes_utf8": 1412 }, "section_actions": { "sha256": "62264594661638eee4e4c5fc4c4e9b44035f57b49a8c39783399a7e4eb66851b", "bytes_utf8": 1662 }, "section_doc": { "sha256": "d4906301fb79ac6eff2fa7675e7be6e650aa60fbd655cec4133e6b5a46f4e3c4", "bytes_utf8": 864 }, "section_ref": { "sha256": "783f9ded45fd9f3bad53467e6a5309a1275105358e582da769500f125a312be8", "bytes_utf8": 12435 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 2.2", "json_category": "MANAGE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-2-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 2.3", "skos:prefLabel": "MANAGE 2.3", "skos:definition": "Procedures are followed to respond to and recover from a previously unknown risk when it is identified.", "sov:function": "Manage", "sov:category": "MANAGE-2", "sov:topics": [ "Risk Response" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring" ], "sov:sourceTextHashes": { "section_about": { "sha256": "a23f0096730eeec81c611710dc3a3bf4ae1861f8177bf543002bae9c0f799e1a", "bytes_utf8": 420 }, "section_actions": { "sha256": "74111b3b9b2371d7e9e7c223bd733b5a516d08857f48884b618a283219a0f1c8", "bytes_utf8": 790 }, "section_doc": { "sha256": "f3b161f5e0640a93d1b0b0faf9dae4fd95189f33fdef40d7b042540348313913", "bytes_utf8": 1185 }, "section_ref": { "sha256": "6d38a9f8f41f59275d7223ef7b7e9c38f68f5b5c330f8317815f118b8511d33b", "bytes_utf8": 968 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 2.3", "json_category": "MANAGE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-2-4", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 2.4", "skos:prefLabel": "MANAGE 2.4", "skos:definition": "Mechanisms are in place and applied, responsibilities are assigned and understood to supersede, disengage, or deactivate AI systems that demonstrate performance or outcomes inconsistent with intended use.", "sov:function": "Manage", "sov:category": "MANAGE-2", "sov:topics": [ "Risk Response", "Decommission", "Risky Emergent Behavior" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "Governance and Oversight" ], "sov:sourceTextHashes": { "section_about": { "sha256": "152243c3699d5b01be106503ccff0115cc4bdd510db90070a22a1b30ff33f4ae", "bytes_utf8": 1826 }, "section_actions": { "sha256": "3222255360914a3dc9b0388babf9342e02f4128d1dc5d7baf30c3bd2f07e474d", "bytes_utf8": 949 }, "section_doc": { "sha256": "00fc06ebf00581bdff3c8d922df0f64ab1ead52fa8151fb2c7720099dc50ec9e", "bytes_utf8": 983 }, "section_ref": { "sha256": "b6d5e4cc1f3ccd689f142cef46b96874d525834dc2f826afdb5f9118100a7f84", "bytes_utf8": 368 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 2.4", "json_category": "MANAGE-2" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-3-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 3.1", "skos:prefLabel": "MANAGE 3.1", "skos:definition": "AI risks and benefits from third-party resources are regularly monitored, and risk controls are applied and documented.", "sov:function": "Manage", "sov:category": "MANAGE-3", "sov:topics": [ "Third-party", "Supply Chain" ], "sov:aiActors": [ "Third-party entities", "Operation and Monitoring", "AI Deployment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "773c897d48c767b1ee3512b04121bbdca6a527ff281b7aff0b21369252e9bb82", "bytes_utf8": 680 }, "section_actions": { "sha256": "b590759e52b94d337275f83fe68fbbbae5e4f38a30e7a9f07b34f03d3e3fa408", "bytes_utf8": 1220 }, "section_doc": { "sha256": "57381477d65d92c58ebb79187dbe5b7a01597cb44ccdc7a4d8ad2c42dc8c05ed", "bytes_utf8": 1074 }, "section_ref": { "sha256": "a8262a21f79e2264a20bca1577e984642747a0c8d0af7db073168a411572b259", "bytes_utf8": 221 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 3.1", "json_category": "MANAGE-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-3-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 3.2", "skos:prefLabel": "MANAGE 3.2", "skos:definition": "Pre-trained models which are used for development are monitored as part of AI system regular monitoring and maintenance.", "sov:function": "Manage", "sov:category": "MANAGE-3", "sov:topics": [ "Pre-trained models", "Monitoring" ], "sov:aiActors": [ "Third-party entities", "Operation and Monitoring", "AI Deployment" ], "sov:sourceTextHashes": { "section_about": { "sha256": "b879e56d51870f8db2e8c7806d522e6b6fbc7545eb013c63976792f61fdfc436", "bytes_utf8": 856 }, "section_actions": { "sha256": "70848dfbb70649d21b6e7b9e381e0df8953b45f6f8da571446bc1d7457a0a350", "bytes_utf8": 696 }, "section_doc": { "sha256": "166e9a5dd996b3446684838b0454a1d779fb78238ae06eb22f4d36b97be6f0da", "bytes_utf8": 1068 }, "section_ref": { "sha256": "b87da251af499a357328b6127b6d63c0a759a7e428befea81ae532c255a7cced", "bytes_utf8": 117 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 3.2", "json_category": "MANAGE-3" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-4-1", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 4.1", "skos:prefLabel": "MANAGE 4.1", "skos:definition": "Post-deployment AI system monitoring plans are implemented, including mechanisms for capturing and evaluating input from users and other relevant AI actors, appeal and override, decommissioning, incident response, recovery, and change management.", "sov:function": "Manage", "sov:category": "MANAGE-4", "sov:topics": [ "Monitoring", "Participation", "AI Deployment", "AI Incidents", "Risk Response", "Adversarial", "Risky Emergent Behavior" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "End-Users", "Human Factors", "Domain Experts", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "3a4f6857d0ca81acfc985ce073dded6d21acf0fe569ba860d8987168d26c2f6f", "bytes_utf8": 450 }, "section_actions": { "sha256": "e65f8870e842240e4238b0b90d10ee903daa829f0f217f4c3d9aed3d0dd2b4dd", "bytes_utf8": 1183 }, "section_doc": { "sha256": "9840b90c686969921904be997e116f6f386687ddd5b115aeaa9ddab41e49c905", "bytes_utf8": 526 }, "section_ref": { "sha256": "16759021d8e4866f56dc8ff5fab199bafee5c47fc7312037d54e778bfae44cd8", "bytes_utf8": 275 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 4.1", "json_category": "MANAGE-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-4-2", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 4.2", "skos:prefLabel": "MANAGE 4.2", "skos:definition": "Measurable activities for continual improvements are integrated into AI system updates and include regular engagement with interested parties, including relevant AI actors.", "sov:function": "Manage", "sov:category": "MANAGE-4", "sov:topics": [ "Monitoring", "Impact Assessment", "Risk Assessment", "Continual Improvement" ], "sov:aiActors": [ "TEVV", "AI Design", "AI Development", "AI Deployment", "Operation and Monitoring", "End-Users", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "a40a76bce57f485c3949298ae42d6cc5376b90d724ae36ba797edf000a845c63", "bytes_utf8": 971 }, "section_actions": { "sha256": "5bd95cbf518c29967acc6b7a32f7f4911fded6e9243b81ea4403b82e7ddc5585", "bytes_utf8": 552 }, "section_doc": { "sha256": "dab05b1f055863b7171e52b27a9f1746331495f0712155af8fb41139da35da32", "bytes_utf8": 831 }, "section_ref": { "sha256": "3f8100a88b6c4c3521cf72bfeebf64221db813b091b7b88d2e84276186c929fa", "bytes_utf8": 800 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 4.2", "json_category": "MANAGE-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" }, { "@id": "https://www.sovrient.com/standards/nist/ai-rmf/playbook/1.0/playbook.jsonld#manage-4-3", "@type": [ "sov:PlaybookOutcome", "skos:Concept" ], "skos:notation": "MANAGE 4.3", "skos:prefLabel": "MANAGE 4.3", "skos:definition": "Incidents and errors are communicated to relevant AI actors including affected communities. Processes for tracking, responding to, and recovering from incidents and errors are followed and documented.", "sov:function": "Manage", "sov:category": "MANAGE-4", "sov:topics": [ "AI Incidents", "Monitoring" ], "sov:aiActors": [ "AI Deployment", "Operation and Monitoring", "End-Users", "Human Factors", "Domain Experts", "Affected Individuals and Communities" ], "sov:sourceTextHashes": { "section_about": { "sha256": "baf106cf17e175e9042cad3c3e506ad5552ad591938b01dbb201b4d0b8a900e6", "bytes_utf8": 336 }, "section_actions": { "sha256": "0725fa55281891f94ea876d382efd4d15f0efac39a3813022748dce4a23ccd5b", "bytes_utf8": 707 }, "section_doc": { "sha256": "9ee3e853f1ca8a5c0241281cfee57d540bc1cabab192ca55fd1061c5c34db984", "bytes_utf8": 791 }, "section_ref": { "sha256": "9898e28a668b1683772a110d32ff0d703b8efae97155079e94ecd04e0924d473", "bytes_utf8": 647 } }, "sov:evidenceMapping": [ "release_verdict", "hold_state", "incident_record", "risk_treatment_record", "anchor_receipt", "successor_manifest" ], "sov:sourceLocator": { "source_id": "playbook_json", "json_title": "MANAGE 4.3", "json_category": "MANAGE-4" }, "sov:claimBoundary": "derived_navigation_and_crosswalk_node_not_official_nist_claim" } ] }