AI Governance Frameworks

Your reference guide to the major AI governance frameworks and regulations. Understand what applies to your organization and how to respond.

EU AI Act

In Force

European Union

The EU AI Act is the world's first comprehensive legal framework for artificial intelligence, establishing risk-based rules for AI systems placed on the EU market or affecting EU residents.

Key Points

  • Risk-based approach: Unacceptable, High, Limited, and Minimal risk categories
  • Bans on prohibited AI practices (social scoring, real-time biometric surveillance in public spaces)
  • Strict requirements for high-risk AI systems (transparency, data governance, human oversight)
  • Transparency obligations for general-purpose AI (GPAI) models
  • Enforcement: Fines up to €35M or 7% of global annual turnover
  • Phased timeline: Most provisions apply from August 2026

Who it affects

Providers and deployers of AI systems in the EU market, regardless of where the company is headquartered.

ISO/IEC 42001

Published 2023

International Standard

ISO/IEC 42001:2023 is the first international standard for Artificial Intelligence Management Systems (AIMS). It provides a framework for organizations to establish, implement, maintain, and continually improve AI governance.

Key Points

  • Management system standard (similar structure to ISO 27001, ISO 9001)
  • Covers AI policy, planning, support, operation, performance evaluation, and improvement
  • Includes requirements for AI risk and opportunity management
  • Requires documented AI objectives, roles, and responsibilities
  • Certifiable — organizations can achieve third-party certification
  • Aligned with other ISO management system standards for easy integration

Who it affects

Any organization that develops, provides, or uses AI systems. Particularly relevant for organizations seeking to demonstrate AI governance to customers, regulators, or partners.

NIST AI RMF

Published 2023

United States

The NIST AI Risk Management Framework (AI RMF 1.0) provides guidance for organizations to manage AI risks. Developed by the US National Institute of Standards and Technology, it is voluntary but widely adopted by US federal agencies and companies.

Key Points

  • Four core functions: GOVERN, MAP, MEASURE, MANAGE
  • Defines AI trustworthiness characteristics (valid, reliable, safe, secure, explainable, fair, privacy-enhanced, accountable)
  • Voluntary framework — not legally mandated (though increasingly referenced in contracts)
  • Designed to be technology-agnostic and sector-neutral
  • Companion resources: AI RMF Playbook, TEVV guidance
  • Referenced by US Executive Orders on AI

Who it affects

US federal agencies, US government contractors, and organizations seeking alignment with US AI governance expectations.

OECD AI Principles

Updated 2024

International

The OECD Principles on AI (2019, updated 2024) are internationally recognized principles adopted by 46 countries. They inform national AI policies and regulation globally, including the EU AI Act.

Key Points

  • 5 principles: Inclusive growth, human-centered values, transparency, robustness, accountability
  • Adopted by G20 and 46+ countries
  • Influenced the design of the EU AI Act and NIST AI RMF
  • Updated in 2024 to reflect developments in generative AI
  • Include recommendations for AI policy makers and governments
  • Form the basis of international AI governance dialogue

Who it affects

Government policy makers, organizations seeking to align with international best practices, and multinational companies.

UNESCO AI Ethics Recommendation

Adopted 2021

International

The UNESCO Recommendation on the Ethics of AI (2021) is the first global standard-setting instrument on AI ethics, adopted by 193 member states. It provides a comprehensive ethical framework for AI development and use.

Key Points

  • Covers human rights, inclusion, diversity, environmental sustainability
  • Establishes AI ethics principles applicable to governments and organizations
  • Addresses gender equality, indigenous knowledge, and cultural diversity in AI
  • Includes guidance on AI ethics governance structures
  • Adopted by 193 UNESCO member states
  • Informs national AI ethics policies worldwide

Who it affects

Governments, international organizations, and companies operating globally with attention to human rights and ethical AI.
