On this page
TL;DR
The NIST AI Risk Management Framework (AI RMF 1.0, published 2023-01-26 as NIST AI 100-1) defines four functions: GOVERN, MAP, MEASURE, and MANAGE. GOVERN is the cross-cutting foundation - it sets the policies, accountability, culture, and third-party controls that the other three functions depend on. It contains six subcategories, GOVERN 1 through GOVERN 6, and is the function CISOs typically own. Source: NIST AI 100-1, January 2023. Updated 2026-05-19.
Why GOVERN is the foundation
GOVERN is the only AI RMF function that spans the entire AI lifecycle and the entire organization. MAP, MEASURE, and MANAGE each apply to specific AI systems and specific points in time. GOVERN sits above them, defining who is accountable, which policies apply, what risk tolerance is acceptable, and how third-party AI is evaluated. Without a working GOVERN program, the other three functions degrade into ad-hoc activity by individual teams, which is exactly the state most enterprises were in before 2024.
CISOs typically lead GOVERN for three reasons. First, the existing enterprise risk management, third-party risk management, and information security programs already report through the CISO or Chief Risk Officer - AI risk is layered on top rather than rebuilt from scratch. Second, the discipline of policy as code, identity-based access control, audit logging, and incident response maps directly onto AI RMF GOVERN outcomes. Third, regulators and auditors expect a single accountable executive, and the CISO is the natural fit in most mid-market and enterprise organizations.
The strategic takeaway: GOVERN is where compliance leverage compounds. Implementing GOVERN once, well, satisfies the AI-specific obligations in the EU AI Act, ISO/IEC 42001, the Colorado AI Act, and OMB M-24-10 simultaneously, because each of those frameworks expects the same underlying control story. The Areebi NIST AI RMF hub walks through how the four functions interact end-to-end; this post zooms in on GOVERN 1 through GOVERN 6.
The 6 GOVERN subcategories explained with examples
NIST AI 100-1 organises GOVERN into six subcategories, each describing an outcome the organisation should achieve. The subcategory IDs (GOVERN 1, GOVERN 2, and so on) are the canonical reference used by auditors, regulators, and procurement teams. Each one below explains the outcome, gives a concrete CISO-level example, and points to the Areebi capability that operationalises it.
GOVERN 1: Policies, processes, procedures, and practices
GOVERN 1 requires that AI-specific policies, processes, procedures, and practices are documented, communicated, and enforced - not aspirational statements buried in a PDF. The outcome is that any auditor, regulator, or new employee can find the rules that apply to AI use, understand them, and see that they are actually being followed.
A concrete example: a CISO at a regional bank publishes an AI Acceptable Use Policy that names approved providers (the corporate AnythingLLM tenant, plus two named external models for specific use cases), prohibits paste of customer PII into any unsanctioned tool, requires model risk assessment before any production deployment, and defines escalation paths to the AI governance committee. The policy is then converted into machine-readable rules in the Areebi policy engine, so the rules are not just written but enforced at the prompt layer in real time.
The trap to avoid: GOVERN 1 is not satisfied by a policy document alone. NIST is explicit that processes must be in place and enforced. Auditors will ask for evidence of enforcement, typically in the form of audit logs showing blocked or redacted interactions tied to specific policy clauses.
GOVERN 2: Accountability structures
GOVERN 2 requires that accountability structures are established with clear roles, responsibilities, and decision rights for AI risk. The outcome is that for any AI system, you can name the executive sponsor, the technical owner, the risk owner, the data steward, and the body that approves go-live.
A concrete example: the CISO chairs a monthly AI Governance Committee that includes Legal, Privacy, IT Security, Data Science, HR, and the business unit owners of the top five AI use cases. Each AI system in the inventory has a named risk owner who is accountable for residual risk acceptance. High-risk systems require dual sign-off (risk owner plus CISO) before production deployment. RACI matrices, decision logs, and committee minutes are stored in a single repository.
The trap to avoid: accountability that lives only on an org chart. NIST and OMB M-24-10 expect named individuals, written decision rights, and evidence that those individuals actually exercised their authority. Federal agencies are now required to designate a Chief AI Officer under M-24-10 - private-sector CISOs should expect the same expectation to flow through to enterprise procurement within 24 months.
GOVERN 3: Workforce diversity, equity, inclusion, and accessibility
GOVERN 3 requires that workforce diversity, equity, inclusion, and accessibility processes are prioritised in the organisation's mapping, measuring, and managing of AI risks. The outcome is that the teams designing, testing, and overseeing AI systems reflect the diversity of the populations those systems affect.
A concrete example: the AI Governance Committee adopts a charter that requires representation from at least three functional areas and explicitly invites input from accessibility, employee resource groups, and HR fairness specialists when reviewing high-risk AI use cases (hiring, performance management, customer-facing decisions). Bias testing is performed by reviewers who were not on the build team. Documentation is reviewed for accessibility (screen reader compatibility, plain language) before publication.
The trap to avoid: treating GOVERN 3 as an HR concern outside the CISO's remit. In practice it is a control failure mode: homogeneous review teams systematically miss fairness, accessibility, and edge-case failure patterns that show up later as regulatory and reputational incidents.
GOVERN 4: Risk culture
GOVERN 4 requires that organisational teams are committed to a culture that considers and communicates AI risk. The outcome is that AI risk is discussed in the same forums and with the same seriousness as cybersecurity, privacy, and financial risk - and that employees feel safe escalating concerns.
A concrete example: AI risk becomes a standing agenda item at the executive risk committee. All employees who can deploy or configure AI receive mandatory training on the AI Acceptable Use Policy, with role-specific deep dives for developers, data scientists, and customer-facing staff. The CISO publishes a quarterly AI risk report covering the inventory, top incidents, near-misses, and remediation progress. A no-fault reporting channel exists for AI-related concerns, mirroring the cybersecurity incident reporting process.
The trap to avoid: treating training as a one-off launch event. Risk culture is a measurable, recurring discipline. NIST AI 600-1 (the Generative AI Profile, July 2024) reinforces this for GenAI specifically: organisations must continuously update training as model capabilities and risks evolve.
GOVERN 5: Stakeholder engagement
GOVERN 5 requires that processes are in place for engagement with relevant AI actors - the people inside and outside the organisation who develop, deploy, use, or are affected by the AI system. The outcome is that affected stakeholders have a meaningful path to provide input before, during, and after deployment, and that their input changes outcomes.
A concrete example: before deploying an AI system that recommends loan terms, the CISO and risk owner convene a stakeholder review including consumer advocates, the bank's customer experience lead, and a sample of frontline relationship managers. Feedback is logged and dispositioned. After deployment, a customer-facing feedback channel allows affected individuals to report concerns; concerns are triaged through the same incident response workflow as security events. Areebi audit logs link feedback events to the specific model version and policy state at the time.
The trap to avoid: stakeholder engagement performed once at design time and never repeated. GOVERN 5 contemplates continuous engagement, especially when models are retrained, repurposed, or moved to new populations.
GOVERN 6: Third-party AI risk
GOVERN 6 requires that policies and procedures are in place to address AI risks and benefits arising from third-party software and data, and AI system components. For most enterprises this is now the largest source of AI risk, because the majority of AI exposure comes through embedded vendor features (CRM, productivity, support tools) and foundation models accessed by API rather than internally built systems.
A concrete example: the CISO extends the existing third-party risk management programme to include an AI addendum. Vendors are categorised by AI exposure (no AI, AI features off by default, AI features on by default, AI is the product). For each AI vendor, contracts require disclosure of training data sources, model provenance, data residency, indemnification for hallucinated content, and a right to audit. The vendor list and risk ratings are maintained in the Areebi inventory, and DLP rules at the prompt layer prevent specific data classes from leaving the perimeter regardless of which vendor receives them.
The trap to avoid: ignoring AI features inside non-AI vendors. Most enterprises are surprised to find that more than half of their AI exposure comes from features quietly added to existing SaaS tools. Discovery is the first control - see our shadow AI guide for the practical mechanics.
See Areebi in action
Get a 30-minute personalised demo tailored to your industry, team size, and compliance requirements.
Get a DemoCommon pitfalls
Across the GOVERN engagements we have supported, three pitfalls show up repeatedly at the CISO level. Each one is avoidable with a small amount of design discipline at programme kickoff.
Pitfall 1: Policy without enforcement. A CISO publishes a polished AI Acceptable Use Policy, circulates it via the LMS, and considers GOVERN 1 closed. Three months later an internal audit asks for evidence that the policy is enforced and the only artefact available is training completion data. Avoid this by treating policy as code from day one - every published policy clause maps to a specific enforcement rule in the Areebi policy engine or an equivalent control, and the mapping is documented. Auditors should be able to trace a policy clause to a rule to an audit log entry showing the rule firing.
Pitfall 2: Accountability without authority. The org chart names a Chief AI Officer or AI Risk Lead, but that individual cannot block a deployment, cannot enforce remediation timelines, and is not in the budget approval chain for AI initiatives. Avoid this by documenting decision rights explicitly in the AI Governance Committee charter, including the right to require remediation before go-live and the right to escalate to the executive risk committee. If the CISO is the named GOVERN owner, that authority must be reflected in delegated authority memos and budget controls.
Pitfall 3: Treating third-party AI risk as a procurement-only problem. The third-party risk team adds an AI questionnaire to vendor onboarding and considers GOVERN 6 closed. Meanwhile, AI features are added to existing tools without any procurement event, and employees adopt unsanctioned tools that never enter the vendor inventory. Avoid this by combining procurement controls with continuous discovery (network telemetry, browser extension, identity provider logs) so that AI exposure is detected regardless of how it entered the environment. Our model supply chain security guide covers the technical mechanics in detail.
GOVERN-to-Areebi capability mapping
The table below maps each GOVERN subcategory to the Areebi platform capability that implements it. The mapping is intentionally conservative - we list only capabilities that ship in the platform today, cross-checked against the NIST AI RMF hub and the platform overview. At Areebi, we built the policy engine and audit log specifically so that GOVERN evidence is generated as a byproduct of normal AI usage rather than a separate quarterly scramble.
| Subcategory | Outcome | Areebi capability | Where to look |
|---|---|---|---|
| GOVERN 1 | Policies in place and enforced | Policy engine (machine-readable, version-controlled policies enforced at the prompt layer) | /platform#policy |
| GOVERN 2 | Accountability and roles defined | Role-based access control, approval workflows, decision authority controls | /platform#policy |
| GOVERN 3 | DEIA prioritised across AI risk management | Bias testing templates, fairness review workflows, reviewer assignment rules | /platform#policy |
| GOVERN 4 | Risk culture and training | Compliance dashboards, incident replay, role-based training analytics | /platform#dashboard |
| GOVERN 5 | Stakeholder engagement processes | Audit log with model and policy version, structured feedback capture | /platform#audit |
| GOVERN 6 | Third-party AI risk addressed | Vendor risk inventory, DLP enforced at perimeter, 30+ provider support with provider-level controls | /platform#dlp |
If you want to validate this mapping against your own environment, the Areebi AI Governance Assessment scores your current state across all six GOVERN outcomes and produces a prioritised remediation plan.
What to read next
To go from GOVERN understanding to operational programme, work through this cluster in order.
- NIST AI RMF compliance hub - the canonical Areebi reference for the full framework and how each function maps to platform controls.
- NIST AI RMF implementation guide - the practical end-to-end implementation playbook covering all four functions over a 24-week timeline.
- ISO/IEC 42001 certification guide - the management system standard that pairs cleanly with the AI RMF, especially for GOVERN 1 and GOVERN 2 evidence.
- Build an AI governance programme - the founder-to-board-level operating model that wraps the GOVERN function in a sustainable programme structure.
- AI compliance landscape 2026 - the cross-jurisdiction view that shows how a single GOVERN implementation satisfies multiple regulators simultaneously.
Frequently Asked Questions
What is the GOVERN function?
GOVERN is one of four core functions defined in the NIST AI Risk Management Framework (AI RMF 1.0, NIST AI 100-1, published January 2023). It establishes the policies, accountability structures, culture, stakeholder engagement processes, and third-party controls that an organisation uses to manage AI risk. Unlike MAP, MEASURE, and MANAGE, GOVERN is cross-cutting and applies organisation-wide rather than to individual AI systems.
Who owns GOVERN?
In most enterprises the CISO or Chief Risk Officer owns GOVERN, often through a cross-functional AI Governance Committee. Federal agencies are required by OMB Memorandum M-24-10 (March 2024) to designate a Chief AI Officer. Whatever the title, NIST expects a single accountable executive with documented decision rights, budget authority, and the ability to block or remediate AI deployments that exceed risk tolerance.
Is NIST AI RMF mandatory?
The NIST AI RMF is voluntary for private-sector organisations. It is effectively mandatory for US federal agencies under Executive Order 14110 (October 2023) and OMB M-24-10 (March 2024). For private companies, NIST alignment is increasingly required by federal procurement, state laws (such as the Colorado AI Act), enterprise customer security questionnaires, and AI-specific insurance underwriting.
How does GOVERN relate to ISO 42001?
ISO/IEC 42001 (2023) is a management system standard for AI, and its requirements overlap heavily with GOVERN. ISO 42001 clauses on AI policy, roles and responsibilities, risk treatment, supplier controls, and management review correspond closely to GOVERN 1, 2, 4, and 6. Organisations implementing GOVERN typically cover 70 to 80 percent of the ISO 42001 management system requirements at the same time, which is why most enterprises now pursue both together.
What documents prove GOVERN compliance?
Auditors and regulators typically expect: a published AI Acceptable Use Policy with version history; an AI Governance Committee charter naming members and decision rights; a current AI system inventory with risk ratings and named owners; a third-party AI vendor register with risk tier and contract clauses; training completion records by role; meeting minutes and decision logs from the governance committee; and audit logs from the enforcement layer that show specific policy rules firing in real interactions.
How long does GOVERN implementation take?
A focused GOVERN implementation typically takes 8 to 12 weeks to reach an initial operational state: 2 weeks to charter the committee and name owners, 4 weeks to draft and ratify policies, 2 weeks to translate policies into enforcement rules, and 2 to 4 weeks to roll out training and stakeholder engagement processes. Continuous improvement and quarterly reviews then run indefinitely. Organisations using Areebi commonly compress this to 4 to 6 weeks because policy templates, audit logging, and the inventory are platform features rather than manual deliverables.
Related Resources
- NIST AI RMF Compliance Hub
- Areebi Platform
- Policy Engine
- DLP Controls
- Audit Log
- Compliance Dashboards
- AI Governance Assessment
- EU AI Act Compliance
- Colorado AI Act Compliance
- NIST AI RMF Implementation Guide
- ISO 42001 Certification Guide
- Build an AI Governance Program
- AI Compliance Landscape 2026
- Shadow AI Guide
- Model Supply Chain Security
Stay ahead of AI governance
Weekly insights on enterprise AI security, compliance updates, and governance best practices.
Stay ahead of AI governance
Weekly insights on enterprise AI security, compliance updates, and best practices.
About the Author
Areebi Research
The Areebi research team combines hands-on enterprise security work with deep AI governance research. Our analysis is informed by primary sources (NIST, ISO, OECD, federal registers, IAPP) and the operational realities of CISOs running AI programs in regulated industries today.
Ready to govern your AI?
See how Areebi can help your organization adopt AI securely and compliantly.