Definition and Purpose of HITRUST AI RMF

The HITRUST AI Risk Management Framework (AI RMF) is the first comprehensive assessment program to oversee Artificial Intelligence (AI) risks. However, it is the second in a series of AI assurance solutions. 

It ensures that effective governance is in place when AI solutions are implemented, making it easier for companies to communicate their AI risk management strategies to management teams, boards of directors, and other stakeholders.

HITRUST’s AI RMF is built around common standards from groups like NIST and ISO/IEC. It provides step-by-step guidance, a SaaS platform, and other tools so companies can demonstrate that they’re effectively managing AI risks. 

This framework also helps organizations measure and report on their AI risk efforts.

HITRUST AI RM History

HITRUST AI RM is the first assessment designed to manage and govern AI risks. It was announced on August 20, 2024, in Frisco, Texas, by HITRUST, a leader in information security and compliance. 

They launched this AI Risk Management Assessment to give organizations a straightforward way to manage the risks associated with AI, ensuring that their governance strategies can be easily shared with management teams and boards. 

Before this, teams had to combine guidelines from multiple standards, such as ISO/IEC and NIST. This new approach simplifies the process, making it easier for companies to show they have effectively addressed AI risks.