Obligation guide

What is AI Risk Management?

Required by 6 regulations across 5 states and jurisdictions in our database.

Definition

AI risk management is an ongoing program that identifies, ranks, and treats risks from AI systems. It borrows from privacy and security programs but focuses on model behavior, oversight, and vendor reliance rather than only data breach scenarios.

See also our AI compliance glossary for short definitions of common terms.

Related glossary entries

Which regulations require this

Colorado AI Act (SB 24-205)
Requires developers and deployers of high-risk AI systems to use reasonable care to protect consumers from algorithmi...
COAI-specificHighUpcoming
California Transparency in Frontier AI Act (SB 53)
Requires developers of frontier AI models trained above the compute threshold set in statute (very large scale) to pu...
CAAI-specificHighIn effect
New York Responsible AI Safety and Education Act (RAISE Act, A 9449)
Requires developers of frontier AI models operating in New York to implement safety protocols, conduct impact assessm...
NYAI-specificMediumUpcoming
Texas Responsible AI Governance Act (RAIGA)
Prohibits development and deployment of AI systems for behavioral manipulation, unlawful discrimination, and certain...
TXAI-specificLowIn effect
Montana Right to Compute Act (SB 212)
Declares a strong default in favor of owning and using computational resources and limits government interference to...
MTAI-specificLowIn effect
NIST AI Risk Management Framework (AI RMF 1.0)
NIST AI RMF is a voluntary framework used as a practical benchmark by regulators and lawmakers. Following it can supp...
FEDERALFederalLowIn effect

Which states reference this obligation

CACOFEDERALMTNYTX

What you should do next

Maintain a living register of models, owners, data classes, and deployment regions.
Score each system for legal, safety, and reputational impact.
Assign mitigations with dates, such as extra testing, human review, or vendor terms.
Review the register quarterly or when acquisitions and launches shift your footprint.
Tie executive reporting to the same metrics you would show a board audit committee.

Check if this applies to your company

The free scan maps obligations to your states, tools, and role.

Start your free scan