OSCAL Community Catalog of NIST AI RMF v0.4 Ships
We just tagged v0.4.0 of the community OSCAL conversion of NIST AI RMF: 72 subcategory controls across 4 functions, 4 worked-example tier profiles, 41 per-divergence remediation proposals, and 176 cross-reference links validated by 5-layer CI. CC0 1.0 licensed. The NIST OSCAL team has acknowledged the upstream conversion is paused due to resource constraints.
What v0.4 Contains
The Agent-Threat-Rule/ai-rmf-oscal-catalog repo just tagged v0.4.0. CC0 1.0 licensed. No attribution required.
The deliverable is a schema-valid OSCAL conversion of the full NIST AI RMF 1.0 Core. 72 subcategory controls covering all four functions:
| Function | Controls |
|---|---|
| GOVERN | 19 |
| MAP | 18 |
| MEASURE | 22 |
| MANAGE | 13 |
The catalog uses Core wording for every control statement. This matters because compliance work typically cites the Core HTML rendering, not the Playbook JSON export. The two NIST sources drift in 41 of 72 subcategories — more on that in a separate post.
Four Worked-Example Profiles
Profiles are OSCAL's mechanism for tailoring a catalog to a deployment context. We ship four:
- baseline — all 72 controls, no tailoring
- Tier 1 Foundational — 18 controls, minimum due diligence for low-risk internal tooling
- Tier 2 Customer-Facing — 55 controls, production agents that touch customer data
- Tier 3 High-Risk — all 72 controls with high-risk framing (healthcare, finance, safety-of-life)
These are starting points, not normative. Profile schemas validate in CI.
Remediation Proposals and Cross-Refs
41 per-divergence remediation proposals address every drift between the AI RMF Playbook JSON and the Core HTML. Each carries an adopt-core or adopt-core-with-caveat decision plus literal patch text. Two systemic findings:
- S-1 Function-name casing affects 12 controls (Playbook uppercases "MAP function" where Core lowercases it)
- S-2 Core-internal hyphenation inconsistency at GOVERN 6.1 vs MAP 4.1
On top of statements, the catalog ships 176 cross-reference links across 56 of 72 controls (78% coverage). These were generated by a two-stage pipeline: a regex extractor pulled 31 explicit references, then a topic-graph extractor added 145 more by matching control keyphrases against subcategory vocabularies. Every link resolves in CI.
5-Layer CI Validation
Every push runs:
1. Catalog schema validation against OSCAL 1.1.2
2. Profile schema validation (×4)
3. Completeness check — 72 controls present, no orphans
4. Cross-reference resolution — every link target exists
5. Drift detection — re-derive Playbook diff and confirm proposals still apply
Where Things Stand With NIST
The NIST OSCAL team thread is open at usnistgov/OSCAL#2234. @iMichaela responded acknowledging that the official AI RMF OSCAL conversion is paused due to resource constraints. Our v0.4 reply is scheduled for 2026-05-21.
We are not trying to replace the upstream effort. We are publishing a parallel implementation under CC0 so practitioners have something they can run today, and so when NIST resumes the official work, our drift analysis and remediation patches are sitting in the public record.