Key takeaways
- Four frameworks dominate AI governance in 2026: NIST AI RMF, ISO/IEC 42001, the EU AI Act, and the OECD AI Principles. Each plays a different role.
- NIST is a voluntary risk taxonomy. ISO/IEC 42001 is a certifiable management system. The EU AI Act is a binding regulation. The OECD Principles set the global ethical floor.
- Most mature programmes adopt several at once, mapping a single set of internal controls to several external frameworks to avoid duplicate evidence work.
- CEN-CENELEC harmonised standards (prEN 18228 risk management, prEN 18282 cybersecurity, others in the package) will reshape EU compliance proof in 2026-2027.
- Which framework to adopt first depends on your posture: provider or deployer, EU or non-EU, regulated industry or general purpose.
What an AI governance framework actually is
An AI governance framework is a structured set of principles, controls, processes, and roles that an organisation uses to keep its AI systems within agreed bounds of risk, ethics, and legal compliance. A framework does not, by itself, make an AI system safe. It gives the organisation a repeatable way to decide whether the system is safe enough, who is accountable for keeping it that way, and what evidence proves the claim.
Frameworks usually answer four questions. What can go wrong with this AI system? Who owns each risk? What controls reduce the risk to an acceptable level? And how do we know, on an ongoing basis, that those controls still work?
Framework vs policy vs regulation
The three terms are often used interchangeably, which causes confusion in implementation. A regulation is law. The EU AI Act, for example, is binding on any provider or deployer placing AI on the EU market. A policy is an internal commitment, such as your company’s acceptable-use rules for generative AI. A framework is the connective tissue between the two: it translates external obligations and internal commitments into operational controls, with named owners and measurable outputs.
Why frameworks emerged in 2023-2025
The first wave of frameworks arrived between January 2023 and early 2025. NIST released the AI Risk Management Framework 1.0 in January 2023, followed by the Generative AI Profile (NIST AI 600-1) in July 2024. ISO/IEC published 42001 in December 2023. The EU AI Act entered into force on 1 August 2024 with staged application dates running through 2027. The OECD updated its AI Principles in May 2024 to address generative and general-purpose AI. The shared driver: AI capability moved faster than ad-hoc internal processes could absorb, and boards needed a defensible structure.
The four frameworks that matter in 2026
The AI governance market in 2026 sits on four anchors. The NIST AI Risk Management Framework is the dominant voluntary framework in the United States and increasingly the de facto reference for risk taxonomy globally. ISO/IEC 42001:2023 is the only certifiable AI management system standard, and it serves as the management-system spine for organisations already running ISO 27001 or ISO 9001. The EU AI Act is the most consequential binding regulation for AI worldwide and reshapes how providers and deployers in or selling into the EU operate. The OECD AI Principles, updated in 2024, set the values-based floor that 47 adherent jurisdictions explicitly reference, including the EU, the United States, the United Kingdom, and Japan.
Three other texts circle these four. The Council of Europe Framework Convention on AI, opened for signature in September 2024, locks in human-rights baselines for signatories. NIST cybersecurity guidance (the AI-specific extensions to NIST SP 800-53 and the CSF) and the upcoming CEN-CENELEC harmonised standards (prEN 18228 on AI risk management, prEN 18282 on AI cybersecurity specifications, and siblings) sit a layer below, translating principles into clauses providers can audit against.
NIST AI RMF 1.0 and the Generative AI Profile
The NIST AI Risk Management Framework, released in January 2023, organises AI risk work into four core functions: Govern, Map, Measure, and Manage. Each function decomposes into categories and sub-categories of outcomes, 72 sub-category outcome statements in total, that an organisation can use as a self-assessment checklist.
Govern, Map, Measure, Manage
Govern establishes the policies, accountabilities, and resources that put AI risk management on a formal footing. Map identifies the context, scope, intended use, and impacted stakeholders for a specific AI system. Measure assigns metrics and tests to the risks identified in Map. Manage applies treatments, including risk acceptance, mitigation, transfer, and avoidance, with continuous reviews built in.
This structure makes the AI RMF compatible with risk frameworks the organisation already runs. Govern maps cleanly onto ISO 31000 risk-management governance. Measure echoes ISO 27001 internal audit logic. Manage is the bridge to incident response and continuous improvement.
Where the GenAI Profile diverges
The Generative AI Profile (NIST AI 600-1, July 2024) was produced with a public working group of more than 2,500 participants. It names 12 risks that are unique to, or made worse by, generative systems and lists just over 200 suggested actions, each tied back to a Govern, Map, Measure or Manage sub-category. The 12 risks: CBRN information or capabilities; confabulation; dangerous, violent or hateful content; data privacy; environmental impacts; harmful bias and homogenisation; human-AI configuration; information integrity; information security (which is where prompt injection, data poisoning and offensive-cyber uplift sit); intellectual property; obscene, degrading or abusive content; and value chain and component integration. Organisations using the GenAI Profile usually layer it on top of an existing AI RMF baseline rather than treat it as a replacement.
ISO/IEC 42001: AI as a management system
ISO/IEC 42001:2023 specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System, abbreviated AIMS. The standard is certifiable. An accredited body can audit a company against 42001 and issue a certificate, the way 27001 certificates are issued for information-security management.
Plan-Do-Check-Act applied to AI
Like ISO 27001 and 9001, 42001 follows the Plan-Do-Check-Act cycle. Plan sets the context, scope, leadership commitments, and risk acceptance criteria. Do operates the controls: data governance, model lifecycle, human oversight, incident handling. Check measures performance through internal audits, management review, and metrics. Act feeds findings back into the policy, the controls, and the resource plan.
The biggest implementation surprise for teams already running ISO 27001 is that 42001 takes AI-specific scope seriously. Many of its clauses, such as 6.1.3 on AI risk treatment, expect outputs that a generic ISMS would not produce: impact assessments, AI system inventories with intended use and risk tier, transparency documentation for stakeholders, and human oversight design.
How Annex A controls compare to ISO 27001
ISO/IEC 42001 includes an Annex A control set covering policies for AI, internal organisation, resources for AI systems, impact assessments, the AI system lifecycle, data for AI systems, information for interested parties, use of AI systems, and third-party and customer relationships. There are 38 controls. They overlap with ISO 27001’s 93 Annex A controls only partially. The two standards are designed to be complementary: an organisation can run a single integrated management system that satisfies both, but the AI-specific evidence requirements of 42001 do not collapse into the security controls of 27001.
The EU AI Act: a framework with legal teeth
The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024 with phased application. The prohibited-practice and AI literacy provisions applied from 2 February 2025. The general-purpose AI model obligations applied from 2 August 2025. The bulk of the high-risk obligations (the Annex III use cases) apply from 2 August 2026. The remaining high-risk provisions (those covering AI embedded in products already subject to EU product legislation, listed in Annex I) apply from 2 August 2027.
Unlike NIST or ISO, the AI Act is binding. Non-compliance carries fines of up to 35 million EUR or 7% of global annual turnover, whichever is higher, for prohibited practices; up to 15 million EUR or 3% for most other breaches; and up to 7.5 million EUR or 1% for supplying incorrect or misleading information to authorities. For SMEs the lower of the two amounts applies.
Article 9 risk management at the core
Article 9 is the operational heart of the regime for high-risk AI systems. Providers must establish, implement, document, and maintain a risk management system as a continuous iterative process, run throughout the entire lifecycle of the AI system, requiring regular systematic review and updating. The system must identify and analyse known and reasonably foreseeable risks, estimate and evaluate risks that may emerge when the system is used as intended and under conditions of reasonably foreseeable misuse, evaluate other risks possibly arising on the basis of post-market monitoring, and adopt appropriate and targeted risk management measures.
The AI Act explicitly accepts that residual risk is part of the deal. The standard is acceptability under intended use, not zero risk.
Harmonised standards and presumption of conformity
CEN-CENELEC JTC 21 is the joint technical committee tasked with developing harmonised standards in answer to the European Commission’s standardisation request M/593. When a provider applies a harmonised standard whose reference has been cited in the Official Journal, it benefits from a legal presumption of conformity with the corresponding AI Act requirement, to the extent the standard covers it. The draft texts (prEN) at this stage include risk management (prEN 18228), AI cybersecurity specifications (prEN 18282), and several siblings on quality management, conformity assessment, transparency, and governance of AI systems. Until those standards are cited in the Official Journal as harmonised European standards (hEN), providers can apply ISO/IEC 42001, ISO/IEC 23894 (AI risk management guidance), and other recognised references as evidence of due diligence, although none of those grant a formal presumption of conformity.
OECD AI Principles: the global compass
The OECD AI Principles were adopted in 2019 and updated in May 2024. The 2024 update was driven by general-purpose and generative AI. It strengthens the language on privacy, intellectual property, safety, and information integrity. With 47 adherents including the European Union, the United States, Japan, Korea, and the United Kingdom, the OECD AI Principles function as the lingua franca for cross-border conversations about responsible AI.
The 2024 update and what it changed
The updated text retains the five values-based principles (inclusive growth and sustainable development, human rights and democratic values, transparency and explainability, robustness and safety, accountability) and adds clearer obligations on generative AI. It explicitly references mis- and disinformation, intellectual property protection in training data, and the responsibility of AI actors across the lifecycle. The OECD AI Observatory tracks national implementation through the OECD.AI policy database and publishes country profiles. The Principles are non-binding but referenced by the EU AI Act, the work of the United Kingdom’s AI Security Institute (formerly the AI Safety Institute), and several national strategies as their baseline.
Cross-mapping: where the frameworks overlap and diverge
The practical question for a compliance programme is rarely “which framework do we pick”. It is “how do we run a single control once and use the same evidence for several frameworks”. The table below shows the most useful mappings.
| Outcome | NIST AI RMF | ISO/IEC 42001 | EU AI Act | OECD AI Principles |
|---|---|---|---|---|
| Define AI governance ownership | Govern 1.1, 1.2 | Clauses 5.1, 5.3 | Articles 17, 22 (provider QMS, deployer instructions) | Principle 1.5 (accountability) |
| AI system inventory | Map 1.1, 4.1 | Clause 6.1, Annex A.6.2.1 | Article 16 (provider obligations), Article 49 (registration) | Principle 1.2 (transparency) |
| Risk identification and assessment | Map 5.1, 5.2 | Clause 6.1.3, Annex A.6.1.4 | Article 9(2)(a, b) | Principle 1.4 (robustness) |
| Data governance and quality | Map 2.3, Measure 2.10 | Annex A.7.1 to A.7.5 | Article 10 (data and data governance) | Principle 1.2 (transparency) |
| Human oversight design | Manage 2.4, 4.1 | Annex A.9.2 | Article 14 | Principle 1.3 (transparency on human in the loop) |
| Transparency to users | Govern 3.2, Map 5.1 | Annex A.8.2, A.8.3 | Articles 13, 50 | Principle 1.3 (transparency and explainability) |
| Post-market monitoring and incident handling | Manage 4.3, 4.4 | Clause 10.2 | Articles 72, 73 | Principle 1.4 (robustness, safety) |
The overlap is intentional. A single human-oversight control, for example the documented ability of an operator to halt or override a system whose outputs diverge from intended use, satisfies NIST Manage 2.4 (mechanisms to supersede, disengage or deactivate an AI system), ISO 42001 Annex A.9.2 (responsible use and human oversight) and AI Act Article 14 (human oversight) at once. The evidence is the same. The framing differs, which is why most compliance teams build their internal control library once and tag each control with the external clauses it satisfies.
How to pick a framework (or combine several)
Four signals usually decide where to start.
First, posture in the value chain. Providers placing AI systems on the EU market for high-risk uses have no real choice: the AI Act is binding, harmonised standards drive presumption of conformity, and ISO/IEC 42001 is the most common voluntary spine on top. Deployers face a lighter set of legal obligations, but the same internal controls help.
Second, jurisdiction. Companies serving the EU need the AI Act as the floor. Companies primarily serving the United States and federal contractors start with NIST AI RMF, which is increasingly referenced by US federal guidance and by state-level AI laws (some of which treat documented alignment with the AI RMF as evidence of reasonable care). Multinationals run both, with ISO/IEC 42001 as the bridge.
Third, industry regulation. Highly regulated sectors (finance, health, public sector, critical infrastructure) layer sector regulators on top. Financial services typically pair NIST AI RMF with model risk management practices anchored in SR 11-7 and equivalent. Health adds MDR and clinical validation. Public sector adds impact assessments and registration requirements.
Fourth, organisational maturity. A team running its first AI governance programme should not start by chasing 42001 certification. Begin with the NIST AI RMF self-assessment to find the gaps, write the missing policies, build an AI inventory, then layer ISO/IEC 42001 once Plan-Do-Check-Act discipline is in place. Reverse the order and you spend twelve months auditing controls that are not yet operating.
From framework to operational controls
A framework is only as useful as the controls it produces. Translating Article 9 of the EU AI Act, Annex A of ISO/IEC 42001, and the Manage function of NIST AI RMF into a real internal control library is where most programmes lose momentum. The three-step pattern that works in practice: build one internal control catalogue, tag each control with the external clauses it satisfies, and link each control to the evidence artefact that proves it.
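The control-library pattern above, and the cross-mapping table earlier on this page, come down to one data structure: a control record carrying its named owner, the external clause tags it satisfies, and the evidence artefacts that prove it operates. The script below is an added example written for this page; it is not AI Sigil code or any vendor's. The clause tags are taken from the cross-mapping table, with the human-oversight control also tagged to NIST Manage 2.4 (the outcome covering mechanisms to supersede, disengage or deactivate a system). The control titles, owner names, evidence file names and the target clause list are constructed for the example. It answers the two questions an auditor and an internal reviewer actually ask: which artefacts back each clause of a given framework, and which committed clauses or controls have nothing behind them.

```python
"""Cross-mapped AI control library: one control, several clause tags, one evidence set.

Added example for this page (not AI Sigil or any project's code). Clause tags
follow the article's cross-mapping table; control titles, owners, evidence
artefacts and TARGET_CLAUSES are constructed sample data.
"""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class Control:
    id: str
    title: str
    owner: str                      # named accountable owner; "" means unassigned
    mappings: dict[str, list[str]]  # framework -> external clauses this control satisfies
    evidence: list[str] = field(default_factory=list)  # artefact references


# Constructed sample library. C-03 exists on paper only: no owner, no evidence.
CONTROLS = [
    Control("C-01", "AI system inventory with intended use and risk tier", "CTO",
            {"NIST": ["Map 1.1", "Map 4.1"], "ISO42001": ["6.1", "A.6.2.1"],
             "AIAct": ["Art 16", "Art 49"], "OECD": ["1.2"]},
            ["registry-export-2026Q1.csv"]),
    Control("C-02", "Lifecycle risk assessment per AI system", "Head of Risk",
            {"NIST": ["Map 5.1", "Map 5.2"], "ISO42001": ["6.1.3", "A.6.1.4"],
             "AIAct": ["Art 9(2)(a)", "Art 9(2)(b)"], "OECD": ["1.4"]},
            ["risk-register.xlsx", "ra-credit-scoring-v3.pdf"]),
    Control("C-03", "Human oversight: operator can halt or override the system", "",
            {"NIST": ["Manage 2.4", "Manage 4.1"], "ISO42001": ["A.9.2"],
             "AIAct": ["Art 14"], "OECD": ["1.3"]},
            []),
]

# Clauses the programme has committed to cover (constructed subset for the example).
TARGET_CLAUSES = {
    "AIAct": ["Art 9(2)(a)", "Art 9(2)(b)", "Art 10", "Art 14", "Art 16", "Art 49"],
    "ISO42001": ["6.1", "6.1.3", "A.6.1.4", "A.7.1", "A.9.2"],
}


def evidence_by_clause(controls: list[Control], framework: str) -> dict[str, list[str]]:
    """Auditor view for one framework: clause -> artefacts that back it.

    The same artefact appears under every framework its control is tagged
    with, which is the evidence reuse the article describes. A clause tagged
    by a control with no evidence shows up with an empty list, not silently.
    """
    out: dict[str, list[str]] = defaultdict(list)
    for c in controls:
        for clause in c.mappings.get(framework, []):
            out[clause].extend(c.evidence)
    return dict(out)


def clause_gaps(controls: list[Control], targets: dict[str, list[str]]) -> dict[str, list[str]]:
    """Committed clauses with no control tagged to them, per framework."""
    covered: dict[str, set[str]] = {fw: set() for fw in targets}
    for c in controls:
        for fw in targets:
            covered[fw].update(c.mappings.get(fw, []))
    return {fw: sorted(set(clauses) - covered[fw]) for fw, clauses in targets.items()}


def operating_gaps(controls: list[Control]) -> list[str]:
    """Controls that cannot be shown to operate: no evidence artefact or no named owner.

    This is the 'documentation, not operating model' anti-pattern made visible.
    """
    return sorted(c.id for c in controls if not c.evidence or not c.owner)


if __name__ == "__main__":
    for clause, artefacts in evidence_by_clause(CONTROLS, "AIAct").items():
        print(f"AI Act {clause}: {artefacts or 'NO EVIDENCE'}")
    print("uncovered clauses:", clause_gaps(CONTROLS, TARGET_CLAUSES))
    print("controls not operating:", operating_gaps(CONTROLS))
```

Run as-is, the report shows Article 10 (data governance) and ISO/IEC 42001 A.7.1 with no control at all, and C-03 tagged to Article 14 but backed by nothing and owned by nobody. That distinction matters in practice: a missing clause is a design gap you close by adding a control, while a control with no evidence or owner is the kind of finding that surfaces during a 42001 audit or a conformity assessment if it is not caught internally first.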
AI Sigil is built around this pattern. Each platform module maps to a layer of the framework stack: the AI Registry is the inventory that satisfies NIST Map 1.1, ISO/IEC 42001 Annex A.6.2.1, and EU AI Act Article 49. The Risk Assessment module satisfies NIST Measure 2.x, ISO/IEC 42001 clause 6.1.3, and AI Act Article 9. The Framework Compliance module is the cross-mapping engine itself: one control, tagged to the clauses of several frameworks at once (a formal presumption of conformity under the AI Act still comes only from applying a cited harmonised standard). Evidence and Audit captures the artefacts in a way that survives an ISO audit and an AI Act conformity assessment.
Common pitfalls when implementing a governance framework
Five anti-patterns appear in nearly every programme that stalls.
- Adopting the framework as documentation, not as operating model. Teams write the AI policy, copy a few NIST or ISO clauses, file it, and continue working as before. A framework that does not change daily behaviour is theatre.
- Picking the wrong starting point. Going straight to 42001 certification before the AI inventory exists means auditors finding evidence gaps. Start with the inventory, then risk classification, then the controls those risks require.
- Treating frameworks as alternatives instead of as layers. NIST, ISO 42001, the AI Act, and OECD principles answer different questions. Picking only one leaves gaps that the others would have caught.
- Underestimating data governance. Article 10 of the AI Act, Annex A.7 of ISO 42001, and Map 2.3 of NIST all require defensible practices on training data, validation data, and ongoing data quality. Most programmes underinvest here and pay later.
- No named accountable owners. A framework without a single accountable executive per risk area degrades into a coordination problem. Both NIST Govern 1.2 and AI Act Article 17 expect named ownership.
FAQ
What are the most important AI governance frameworks in 2026?
Four matter most in 2026: NIST AI RMF 1.0 (with the GenAI Profile), ISO/IEC 42001:2023, the EU AI Act (Regulation 2024/1689), and the OECD AI Principles updated in May 2024. Most mature programmes adopt three of the four simultaneously, with NIST for risk taxonomy, ISO 42001 for the management system, and the AI Act as the binding regulatory floor for EU-facing systems.
Is ISO/IEC 42001 certification mandatory under the EU AI Act?
No. The AI Act does not mandate ISO/IEC 42001. However, certification provides strong evidence of due diligence and supports the conformity assessment work an EU provider must do. Until CEN-CENELEC harmonised standards are published in the Official Journal, providers often rely on ISO/IEC 42001 and ISO/IEC 23894 as the most credible voluntary references.
How does the NIST AI RMF compare to ISO/IEC 42001?
NIST AI RMF is a voluntary risk-management taxonomy with four functions and 72 sub-category outcomes. It is freely available and widely adopted in the United States. ISO/IEC 42001 is a certifiable management system standard with formal clauses and an Annex A control set. They are complementary. NIST tells you what risks to manage. ISO/IEC 42001 tells you how to run the management system that manages them.
Are harmonised CEN-CENELEC standards available now?
Not yet as final harmonised European standards. JTC 21 has produced multiple draft standards, including prEN 18228 on AI risk management and prEN 18282 on AI cybersecurity specifications, that circulate as licensed drafts in 2026. Final publication and citation in the Official Journal of the European Union, and the resulting presumption of conformity, are expected over 2026 and 2027.
What is the smallest viable AI governance framework for a startup?
For an early-stage company that builds or deploys AI but is not yet selling into the EU, the minimum viable set is: a written AI policy, an AI system inventory with intended use and risk tier per system, an impact assessment process anchored on NIST AI RMF Map and Measure, named accountable owners, and a short incident response procedure. As soon as the company touches EU customers or regulated industries, the AI Act and ISO/IEC 42001 become unavoidable.
Do the OECD AI Principles have any legal effect?
Not directly. They are non-binding. Their effect is indirect but significant: they are referenced explicitly by the EU AI Act, the United Kingdom’s AI policy framework, and several national strategies as a baseline. Adhering to them is rarely sufficient alone, but failing to align with them is a reputational liability in cross-border contexts.
Conclusion
AI governance frameworks in 2026 are not interchangeable. Each answers a different question, and each one carries a different cost of non-compliance. The mature path is to treat them as layers: OECD as the values floor, NIST as the risk taxonomy, ISO/IEC 42001 as the management system, and the EU AI Act as the binding legal layer for anyone selling into Europe. Build one internal control catalogue, map it to all four, and the evidence work compounds instead of duplicating. That is the operational shift that takes a governance programme from documentation theatre to defensible practice.