Field Notes from the Literature

NIST AI RMF For Plant AI Pilots: Govern, Map, Measure, Manage Without The Theatre

What the NIST AI Risk Management Framework actually asks of an industrial AI pilot, the three decisions it should change before you deploy a model on the plant floor, and where it stops being useful.

Lokesh Chennuru | 10 June 2026 | 7 min read | NIST AI RMF 1.0, NIST AI 100-1, NIST SP 800-82
How field notes work: what the source says, what it means on a plant floor, the decisions it should change, and where it stops being useful — with the sources named at the end.

What the framework says

NIST published the AI Risk Management Framework — formally NIST AI 100-1, AI RMF 1.0 — in January 2023. It is voluntary, lifecycle-oriented guidance for managing the risks of AI systems, built around four core functions applied iteratively, not as a sequence:

  • Govern sets the culture, policies, roles, and accountability that hold the other three together.
  • Map establishes the context — where the system operates, who it affects, and what could go wrong.
  • Measure uses quantitative and qualitative methods to analyse, benchmark, and monitor the system’s behaviour and impacts.
  • Manage allocates resources to treat the risks, documents what residual risk remains, and defines the response when something goes wrong.

The framework also names the characteristics of a trustworthy AI system — valid and reliable, safe, secure and resilient, accountable and transparent, explainable, privacy-enhanced, and fair. For industrial use, the first two carry most of the weight.

What it means on the plant floor

Strip away the governance language and the framework is asking four blunt questions about any model you are about to put near production:

  1. Who owns this when it is wrong? (Govern) A predictive-maintenance model that calls a healthy bearing dead, or misses a real one, creates a maintenance action or a missed stop. Someone owns that consequence — name them before deployment, not after the first bad call.
  2. Where does it act, and what does a wrong answer cost here? (Map) The same anomaly detector is trivial on a redundant pump and serious on a single-line compressor. Context sets the bar the model has to clear.
  3. How will we know it works on our data? (Measure) A model validated on a vendor’s dataset has not been validated on your machines, your duty cycles, your sensor placement. Measurement means a defined test on your own labelled events before you trust an alert.
  4. How do we catch it drifting? (Manage) Plant conditions change — a re-greased bearing, a new product, a replaced sensor — and a model trained on the old normal quietly degrades. Manage is the monitoring and rollback plan that keeps a stale model from steering decisions.

The three decisions this should change

  1. Pilot scope gets an owner and a cost-of-error before a model is chosen. The Govern and Map functions front-load the two decisions teams usually skip: accountability and consequence. Decide them first and the rest of the pilot has a yardstick.
  2. Acceptance is measured on your own evidence, not the vendor’s demo. Borrow the Measure discipline: define, up front, the labelled events the model must call correctly on your data, and the false-alarm rate operations will tolerate. A model that cannot pass that test is not ready, however good the demo looked.
  3. Every model ships with a drift-and-rollback plan. Manage turns “deploy and hope” into “deploy, monitor, and revert if it degrades.” For OT, NIST SP 800-82 adds the non-negotiable: the AI sits outside the control and safety path, advising decisions rather than making them.
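
Decisions 2 and 3 can be written down as a small, repeatable gate. The sketch below is an added example, not code from NIST or from the original article: it scores alert timestamps against labelled event windows, checks an agreed false-alarm rate, and flags a shift in healthy-state readings as one simple drift signal. The thresholds, the vibration values, and all names are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from statistics import mean, pstdev

@dataclass(frozen=True)
class Event:            # one labelled failure window, hours from pilot start
    start: float
    end: float

def acceptance(alerts, events, period_hours, min_recall, max_fa_per_week):
    """Score model alert times against the plant's own labelled events."""
    def inside(a):
        return any(e.start <= a <= e.end for e in events)
    missed = [e for e in events if not any(e.start <= a <= e.end for a in alerts)]
    recall = (len(events) - len(missed)) / len(events) if events else 0.0
    fa_per_week = sum(not inside(a) for a in alerts) / (period_hours / 168.0)
    # No labelled events means no evidence, so the gate stays closed.
    ok = bool(events) and recall >= min_recall and fa_per_week <= max_fa_per_week
    return {"recall": recall, "false_alarms_per_week": fa_per_week,
            "missed": missed, "accepted": ok}

def drift_action(baseline, recent, max_shift_sigma):
    """Return 'revert' when recent healthy-state readings have moved away from
    the training baseline by more than max_shift_sigma baseline std devs."""
    sigma = pstdev(baseline)
    gap = abs(mean(recent) - mean(baseline))
    if sigma == 0:
        return "revert" if gap > 0 else "keep"
    return "revert" if gap / sigma > max_shift_sigma else "keep"

# Constructed sample data: a 4-week pilot (672 h) with three labelled events.
EVENTS = [Event(100, 124), Event(300, 330), Event(500, 520)]
ALERTS = [110, 210, 310, 600]                   # constructed alert times (h)
BASELINE_RMS = [2.0, 2.1, 1.9, 2.0, 2.2, 1.8]   # constructed vibration RMS, mm/s
RECENT_RMS = [2.6, 2.7, 2.5]                    # constructed, after a sensor swap

if __name__ == "__main__":
    # Thresholds are assumptions agreed with operations, not NIST values.
    print(acceptance(ALERTS, EVENTS, 672, min_recall=0.9, max_fa_per_week=1.0))
    print(drift_action(BASELINE_RMS, RECENT_RMS, max_shift_sigma=3.0))
```

With the constructed data the model misses the third event, so it fails the gate even though its false-alarm rate is within tolerance.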

Where it stops being useful

  • It is a framework, not a method. The AI RMF tells you what to manage, not how to build a good predictive model or set a threshold. Pair it with the engineering — failure modes, signal evidence, operating-state context — or it becomes paperwork around an untrustworthy model.
  • Governance can outgrow the pilot. A single-asset proof of concept does not need a committee. Apply the four questions in proportion; the goal is a trustworthy decision, not a documentation exercise that outweighs the model.
  • Trustworthiness is contextual. “Fair” and “explainable” matter enormously for AI that affects people and far less for a vibration anomaly detector — but “valid, reliable, safe” are non-negotiable on a plant floor. Read the characteristics through your use case, not as a flat checklist.

Sources

  1. AI Risk Management Framework (AI RMF 1.0), NIST AI 100-1. National Institute of Standards and Technology.
  2. AI RMF Core: Govern, Map, Measure, Manage. NIST AI Resource Center.
  3. NIST SP 800-82 Rev. 3: Guide to Operational Technology (OT) Security. National Institute of Standards and Technology.

Frequently asked

What is the NIST AI Risk Management Framework?

Published in January 2023 as NIST AI 100-1, the AI RMF is voluntary guidance for managing risk across an AI system's lifecycle. Its core is four functions — Govern, Map, Measure, and Manage — applied iteratively rather than as one-time steps. It is a framework, not a certification: it gives you a structure for deciding whether an AI system is trustworthy enough to deploy, not a checkbox that says it is.

How does the NIST AI RMF apply to industrial AI?

An industrial AI pilot — a predictive-maintenance model, a vision-based quality check, an anomaly detector — is exactly the kind of system the framework targets. Govern sets who owns the model and its decisions; Map frames where it acts and what failure costs; Measure defines how you will know it works on your data; Manage covers monitoring, drift, and rollback. The OT context (SP 800-82) adds that availability and safety outrank model accuracy.

Do I need the NIST AI RMF for a small AI pilot?

You do not need the full apparatus, but the four questions behind it are worth answering even for one model: who is accountable, what does a wrong output cost here, how will we measure that it works on our own data, and how do we catch it drifting. Skipping those is how a promising pilot becomes an untrusted dashboard nobody acts on.
