NIST-RMF-MG-3-01 Risk Management MG-3 — Third-Party AI Risk Management

Monitor and control third-party AI risks and benefits

Description

Organizations must regularly monitor AI risks and benefits from third-party resources, apply appropriate risk controls, and maintain documentation of these activities.

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Related Obligations

NIST-RMF-MG-3-02 Monitoring

Monitor pre-trained models in AI system operations

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Monitor and control third-party AI risks and benefits

Description

Full Analysis & Evidence Requirements

Related Obligations

Map this obligation to your AI systems

Start your compliance assessment