Ready to take control of your AI risks?
Unlock expert insights and practical solutions to safeguard your organization against the evolving risks of Artificial Intelligence.
&npsp
Navigate towards AI resilience with confidence
Executives, such as COOs, Risk Officers, CTOs, and CISOs, have a strong need for ethical compliance and navigating the complexities of cybersecurity, a focus that sharply contrasts with data scientists' pursuit of accelerating AI model development and deployment for better and faster outcomes.
-
Organizations need to know how to systemically frame their AI risks
-
Organizations should collaborate openly with AI security experts and academics to foster a resilient AI-focused trustworthy culture
-
Organizations need a practical toolkit to adopt and customize, that satisfies their AI risk appetite
AI Resilience Maturity Model
The AI RMM is a conceptual framework used to assess, measure, and improve the resilience of organisations using or planning to use (AI) Artificial Intelligence.
The Model aligns with the National Institute of Standards and Technology (NIST) AI Risk Management Framework RMF's Core Functions namely, Govern, Map, Measure, and Manage.
Drawing inspiration from the CERT RMM, the Model examines how organizations are setup with respect to their AI systems and is structured as a series of levels or stages that represent different degrees of maturity.
The AI RMM offers a more detailed, step-by-step roadmap to achieve compliance, making it easier for organizations to understand and meet legal obligations.
The AI-RMM is licensed under the GNU General Public License (GPL), which is designed to ensure that all enhancements and modifications to the AI-RMM remain open and accessible to the community.
From its inception, the AI RMM was designed as a living framework, welcoming contributions from the academic and larger community.
Our Services
Enhanced Resilience Toolkit (Toolkit)
The AI-RMM Toolkit extends the Core Framework with advanced tools and features for organizations aiming to progress through the AI-RMM levels.
Professional Resilience Platform (Platform)
Tailored for businesses seeking a comprehensive solution, the AI-RMM Pro Subscription offers full access to our SaaS platform.
Enterprise Resilience Platform (Enterprise)
Our enterprise subscription service offers the expertise of our team, who will directly oversee the implementation of resilience strategies within your organization.
Blog Post Highlights
Governing AI Risks with Open-Source and Human Ingenuity
In the rapidly evolving landscape of Artificial Intelligence (AI), the journey towards harnessing its potential responsibly and ethically is underscored by a multitude of regulatory and standardization efforts. Yet, a critical gap remains: the translation of high-level principles and regulatory mandates into practical, actionable standards that organizations can implement effectively.
Got 99 Problems AI Risk Ain’t One!
As an AI leader in your organization, whether you're the Chief Operating Officer, Chief Risk Officer, or CEO, your role is pivotal in navigating the adoption of Artificial Intelligence (AI) to drive growth and efficiency. However, with the immense potential of AI comes a responsibility to manage the risks associated with its integration into your business operations.
Humanity Wins Skynet if You Manage AI Risks
In the realm of science fiction, Skynet's rise to power in the "Terminator" movie series serves as a chilling reminder of what could go wrong when Artificial Intelligence (AI) goes unchecked. While this dystopian scenario remains firmly in the realm of fiction, it underscores a critical real-world imperative, namely the need for vigilant AI risk management.
AI Resilience Maturity Model (AI-RMM)
Frequently Asked Questions
What is the AI Resilience Maturity Model (AI RMM)?
The AI RMM is a conceptual framework used to assess, measure, and improve the resilience of organisations using or planning to use (AI) Artificial Intelligence. The Model examines how organizations are setup with respect to their AI systems and is structured as a series of levels or stages that represent different degrees of resilience maturity.
The Model aligns with the National Institute of Standards and Technology (NIST) AI Risk Management Framework RMF's Core Functions namely, Govern, Map, Measure, and Manage. It is a tool used to evaluate and measure the effectiveness and sophistication of the risk management processes within such a framework..
Drawing inspiration from the CERT Resilience Maturity Model (CERT RMM), the Model includes maturity levels (Initial, Managed, Defined, Quantitatively Managed, and Optimizing) that organizations can progress through. These levels reflect the organization's capability to proactively manage and respond to AI-related disruptions, considering factors like governance, workforce diversity, accountability, and engagement with external stakeholders.
What license is the AI-RMM model licensed under?
The AI-RMM is licensed under the GNU General Public License (GPL), which is designed to ensure that all enhancements and modifications to the AI-RMM remain open and accessible to the community. For the purposes of AI-RMM, "source code" is defined as the comprehensive set of files (including text, markdown, Excel, etc.) that contain the detailed definitions of the practices and sub-practices organizations should follow to enhance their resilience in using AI systems. This includes all documentation, guides, templates, and materials necessary for understanding, implementing, and adapting the AI-RMM.
Internal Use
If an organization modifies any part of the AI-RMM (such as an Excel file, as defined above as the source code) but does not distribute the modified version outside of the organization, the GPL does not require these modifications to be shared. This is in accordance with the GPL's stance that the mere use of the work within an organization, without external distribution, does not trigger the obligation to disclose modifications.
Distribution
When the modified work is distributed, conveyed, or otherwise made available to entities outside the original organization, the GPL's copyleft provisions come into effect. This requires that the modified version be made available under the same GPL terms. This includes ensuring that any distributed copies are accompanied by the GPL license text, a clear statement of any changes made, and providing access to the modified "source code" in this case, the modified contents of the AI-RMM documentation and materials.
Derivative Works
The GPL permits the creation of derivative works based on the AI-RMM, but it mandates that such works, if distributed, must also be licensed under the GPL. This provision is intended to preserve the open-source nature of the AI-RMM, fostering a collaborative environment where improvements are shared, benefiting the broader community.
By adopting the GPL for AI-RMM, we aim to encourage innovation and collaboration within the community, ensuring that valuable insights and enhancements remain freely available and contribute to the collective knowledge and resilience in AI usage.
Who can address additional questions about the AI Resilience Maturity Model?
For any additional questions or clarifications about the AI RMM, organizations can reach out via email to framework@riskframe.ai.