100

NIST AI governance: standardize now vs keep developing

Risk-based AI governance is ready for immediate standardization.

[1][2]

Security, privacy, transparency, incident response, recovery, training-data practices, terminology, and taxonomy are near-term standards candidates.

[3][4]

TEVV procedures can be standardized now, but TEVV metrics and scientific validity still need development.

[5]

Human oversight alone is not enough; NIST points to unresolved measurement and configuration gaps, so standards should also require accountability, documentation, feedback, and independent testing.

[6]

Risk and trustworthiness metrics, realistic benchmarks and datasets, interpretability evidence, energy measures, and cross-hardware comparisons still require active development before rigid universal standards.

[7][8][9][10][11][12]