Labsco
microsoft logo

rai-standards

✓ Official1,245

by microsoft · part of microsoft/hve-core

Consolidated Responsible AI standards reference: NIST AI RMF 1.0, AI STRIDE threat-modeling overlay, EU AI Act risk tiers, and an open-standards catalog with phase mapping

🧩 One of 7 skills in the microsoft/hve-core package — works on its own, and pairs well with its siblings.

This is the playbook your agent receives when the skill activates — you don't need to read it to use the skill, but it's here to audit before installing.

RAI Standards Skill

This skill is the reusable standards package for the RAI Planner. It consolidates the embedded NIST AI RMF content, the AI STRIDE threat-modeling overlay, and a paraphrased EU AI Act reference so the phase playbook can stay focused on workflow and orchestration.

Attribution and licensing posture

  • NIST AI RMF 1.0 is a U.S. Government document and is reproduced here as public-domain reference material with attribution.
  • EU AI Act content in this skill is paraphrased and attributed rather than quoted verbatim, consistent with the open legal-text posture used in the repository.
  • The AI STRIDE overlay is Microsoft-authored reference material for threat-modeling reuse in the RAI workflow.

Framework index

NIST AI RMF trustworthiness characteristics

KeyCharacteristicDescription
validReliableValid and ReliableBase characteristic for correctness, robustness, and stability
safeSafeSafety and harm prevention under normal and adversarial conditions
secureResilientSecure and ResilientResistance to attack, misuse, and failure
accountableTransparentAccountable and TransparentGovernance, auditability, and decision provenance
explainableInterpretableExplainable and InterpretableUnderstandability of model behavior and outputs
privacyEnhancedPrivacy-EnhancedProtection of personal data and confidentiality
fairBiasManagedFair with Harmful Bias ManagedBias detection, mitigation, and equitable outcomes

Phase-to-framework mapping

RAI phasePrimary standards packageNotes
Phase 1 ScopingNIST AI RMF Govern + MapContext, purpose, stakeholders, and policy framing
Phase 2 Risk ClassificationNIST AI RMF GovernGovernance culture, DEI&A, and stakeholder engagement
Phase 3 Standards MappingNIST AI RMF Govern + MeasureCore standards mapping and TEVV alignment
Phase 4 Security Model AnalysisAI STRIDE overlay + MeasureThreat modeling and overlap with security analysis
Phase 5 Impact AssessmentNIST AI RMF ManageRisk prioritization, mitigation, and monitoring
Phase 6 Review and HandoffNIST AI RMF Manage + EU AI ActRegulatory review, incident response, and evidence handoff

Customer extension pattern

The default framework remains NIST AI RMF 1.0. When a customer supplies an additional framework, preserve the default NIST mapping as a baseline and layer the custom framework on top with explicit attribution. This keeps the planner interoperable while allowing organizations to add ISO, sector, or regional references without rewriting the core playbook.

Open-standards catalog

Use the links below as the reference catalog for open standards and governance resources. Do not reproduce normative text verbatim when the license posture does not allow it.