Compliance Library Blog Product Sign In
NIST-RMF-GV-6-03 Risk Management GV-6 — Third-Party AI Risks and Supply Chain

High-Risk Third-Party AI System Contingency Processes

Description

Organizations must establish contingency processes specifically designed to handle failures or incidents that occur in third-party data or AI systems that have been classified as high-risk.

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Sign In to View

Related Obligations

NIST-RMF-GV-6-01 Risk Management

Third-Party AI Risk Management Policies
NIST-RMF-GV-6-02 Risk Management

Third-Party Intellectual Property Risk Policies

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started