Personnel should complete NIST AI RMF Training annually in order to satisfy specific requirements within the NIST AI RMF framework. You have the option to configure this training within Drata, a key step in addressing the associated controls.

Only Admins and Information Security Leads have access to this section within Drata.

Drata provides multiple ways to manage NIST AI RMF training within the application. When NIST AI RMF is enabled for your account you’ll have a setting for ‘Annual NIST AI RMF Training’ under the ‘Internal Security’ section. From here you can select one of four options:

Once you've selected an option using the radio button, select 'Update'.

Drata has developed our own embedded NIST AI RMF Training. This enables personnel to complete the training directly in My Drata during onboarding and easily fulfill their annual requirement, thereafter.

When an employee or contractor completes their NIST AI RMF training, Drata will generate a certificate of completion. This PDF is automatically uploaded to Drata and can be viewed/downloaded from the personnel drawer and by personnel in My Drata.

If your organization uses another tool or conducts internal trainings, select the second radio button. You can optionally add a URL for the external NIST AI RMF training which will link personnel to the training directly from the My Drata onboarding.

Once training is complete, personnel will need to return to ‘My Drata > Complete NIST AI RMF Training’ and upload proof of completion—such as a screenshot or other file. Once uploaded, the file can be viewed/downloaded from the personnel drawer and by personnel in My Drata.

If you wish to keep NIST AI RMF Training completely independent from Drata, you can select the third option which will exclude the ‘Complete NIST AI RMF Training’ step from personnel onboarding.

With this option, you'll need to manually upload a file directly in each personnel drawer by selecting the NIST AI RMF Training ‘View / Upload Evidence’ button.

If NIST AI RMF training is not required for your personnel or organization, select the fourth option to opt out of training. When selected, there will be no references to NIST AI RMF training in Drata.

Compliance is determined by the presence of evidence of NIST AI RMF Training—such as a certificate of completion, screenshot, or other file—for each current employee or contractor within your organization.

Navigate to the ‘Personnel’ page to see the status of NIST AI RMF Training compliance for all personnel under the 'NIST AI RMF Training' column, or select a specific person to view their personnel details and view or upload evidence.

​