This bill directs federal agencies to use the Artificial Intelligence Risk Management Framework developed by the National Institute of Standards and Technology (NIST) regarding the use of artificial intelligence (AI).
Specifically, the bill requires NIST to issue guidelines for agencies to incorporate the framework into their AI risk management efforts, which shall, among other things
provide standards, practices, and tools consistent with the framework and how they can leverage the framework to reduce risks to people and the planet for agency implementation in the development, procurement, and use of AI;
specify appropriate cybersecurity strategies and the installation of effective cybersecurity tools to improve security of AI systems; and
set minimum requirements for developing profiles for agency use of AI.
The Office of Management and Budget (OMB) must issue guidance requiring federal agencies to incorporate the framework and the guidelines into their AI risk management efforts.
The Government Accountability Office shall study the impact of the application of the framework on agency use of AI.
The OMB must (1) periodically report to Congress on agency implementation and conformity to the framework, and (2) establish an initiative to provide expertise on AI pursuant to requests by agencies.
NIST shall (1) complete a study to review the existing and forthcoming voluntary consensus standards for the testing, evaluation, verification, and validation of AI acquisitions; and (2) convene relevant stakeholders to develop such standards and take other specified steps.
