Skip to main content
Voight aligns with the NIST AI Risk Management Framework (AI RMF 1.0) and its Generative AI Profile (NIST-AI-600-1). The full document maps Voight across all four framework functions and is honest about where an observability platform fits — and where it doesn’t.

Quick reference

FieldValue
FrameworkNIST AI RMF 1.0 (AI 100-1)
CompanionGenerative AI Profile (NIST-AI-600-1)
Home functionMeasure — Voight is a measurement instrument
Also supportsMap (operational ground truth), Manage (alerts + traces)
InformsGovern (evidence, not governance)
Honest gapBias & fairness evaluation — application-level, not Voight
Security Contactteam@voight.xyz
Document Version1.0 — June 2026

Download the full document

Voight — NIST AI RMF Alignment

19 pages · Version 1.0 · June 2026All four AI RMF functions mapped to concrete Voight capabilities, a dedicated Generative AI Profile section, a coverage matrix, the seven trustworthiness characteristics, and an explicit statement of what Voight does not do.

Where Voight sits in the four functions

The AI RMF organises AI risk management into four functions. Voight’s alignment is concentrated — and honest about it:
FunctionVoight roleStrength
GOVERNInforms with evidenceSupporting
MAPSupplies real production behaviourModerate–Strong
MEASUREImplements (this is Voight’s home)Strongest
MANAGESupplies alerts, traces, recordsStrong
An observability platform is a Measure instrument that radiates outward into Map and Manage, and informs Govern with evidence. It is not — and does not claim to be — a governance programme.

The honest framing

Two principles run through the document:
  1. Voight is a Measure-function tool first. Measurement and tracking of AI risk over time is, almost exactly, what an observability platform does. Voight supports Map and Manage with operational evidence and informs Govern — but does not constitute governance.
  2. Observability is evidence, not governance. Voight produces the data and audit trail an AI RMF programme runs on. It does not set your risk tolerance, write your policies, or make your risk-treatment decisions. Those stay with your organisation.

Generative AI Profile

The document includes a dedicated section on the NIST Generative AI Profile (NIST-AI-600-1, July 2024). Because Voight is built specifically to observe generative-AI applications, several Profile risk areas — information security, data privacy, value-chain integration, and resource consumption — fall squarely in its measurement remit.

Voight’s own AI governance

Today, Voight does not operate an AI system within its own product — it observes its customers’ AI systems. The document records Voight’s platform-governance baseline and a forward commitment: when Voight’s roadmap AI features (Smart Trace, Prompt Scorer, Debug Agent) reach production, this document will be re-versioned to apply the AI RMF to each before it ships.

See also