{
  "updated": "2026-05-15",
  "stale_threshold_days": 180,
  "items": [
    {
      "id": "nist-ai-rmf",
      "name": "NIST AI Risk Management Framework",
      "short": "NIST AI RMF",
      "body": "NIST",
      "url": "https://www.nist.gov/itl/ai-risk-management-framework",
      "version": "1.0",
      "published": "2023-01-26",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L4", "L5"],
      "scope": "Defines what governance outcomes to achieve. The SRF answers who owns each component.",
      "tags": ["governance", "risk", "us", "voluntary"]
    },
    {
      "id": "eu-ai-act",
      "name": "EU Artificial Intelligence Act",
      "short": "EU AI Act",
      "body": "European Union",
      "url": "https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689",
      "version": "2024/1689",
      "published": "2024-07-12",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L5"],
      "scope": "Defines which regulatory obligations apply by risk tier (Unacceptable / High / Limited / Minimal), plus separate obligations for providers of general-purpose AI models. Applies to providers placing AI systems on the EU market or putting them into service, and to deployers in the EU, regardless of where the provider is established.",
      "tags": ["regulation", "mandatory", "eu", "risk-tier"]
    },
    {
      "id": "iso-42001",
      "name": "ISO/IEC 42001 — AI Management Systems",
      "short": "ISO 42001",
      "body": "ISO/IEC",
      "url": "https://www.iso.org/standard/81230.html",
      "version": "2023",
      "published": "2023-12-18",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L4", "L5"],
      "scope": "Defines how to manage an AI management system. Certifiable standard. The SRF layer model maps directly into its organizational and technical controls.",
      "tags": ["standard", "management-system", "certifiable", "international"]
    },
    {
      "id": "iso-22989",
      "name": "ISO/IEC 22989 — AI Concepts and Terminology",
      "short": "ISO 22989",
      "body": "ISO/IEC",
      "url": "https://www.iso.org/standard/74296.html",
      "version": "2022",
      "published": "2022-07-01",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L4", "L5"],
      "scope": "Defines the eight AI stakeholder roles (§5.19) that map directly to the CoSAI SRF personas.",
      "tags": ["standard", "terminology", "international"]
    },
    {
      "id": "nist-ai-600-1",
      "name": "NIST AI 100-1 — AI Risk Management",
      "short": "NIST AI 100-1",
      "body": "NIST",
      "url": "https://doi.org/10.6028/NIST.AI.100-1",
      "version": "1.0",
      "published": "2023-01-26",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L4", "L5"],
      "scope": "Publication number of the NIST AI RMF 1.0 document itself (DOI NIST.AI.100-1), not a separate companion: voluntary guidance for managing risks to individuals, organizations, and society from AI. Distinct from NIST AI 600-1, the Generative AI Profile, which this entry's id references.",
      "tags": ["guidance", "risk", "us", "voluntary"]
    },
    {
      "id": "nistir-8605a",
      "name": "COSAiS — SP 800-53 Control Overlays for Securing AI Systems",
      "short": "NIST COSAiS / NISTIR 8605A",
      "body": "NIST",
      "url": "https://csrc.nist.gov/projects/cosais",
      "version": "Annotated outline Jan 2026 (pre-draft)",
      "published": "2026-01-08",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L4", "L5"],
      "scope": "SP 800-53 control overlay methodology for AI systems. Volume A (Predictive AI) annotated outline released Jan 2026; full NISTIR 8605A draft forthcoming. Covers AI lifecycle phases (Training / Deployment / Maintenance / Continuous) and cross-references MITRE ATLAS adversarial ML technique IDs (AML.Txxxx). Subject to change.",
      "tags": ["guidance", "risk", "us", "draft", "federal"]
    },
    {
      "id": "nist-csf-2",
      "name": "NIST Cybersecurity Framework 2.0",
      "short": "NIST CSF 2.0",
      "body": "NIST",
      "url": "https://www.nist.gov/cyberframework",
      "version": "2.0",
      "published": "2024-02-26",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L4"],
      "scope": "Voluntary framework for managing cybersecurity risk across six functions: Govern, Identify, Protect, Detect, Respond, Recover. CSF 2.0 added Govern as a new function and expanded scope beyond critical infrastructure. AI systems map primarily to the Govern and Identify functions at L1 and L3; the Protect, Detect, Respond and Recover functions land on the L3 application and L4 platform layers.",
      "tags": ["governance", "risk", "us", "voluntary"]
    },
    {
      "id": "owasp-llm-top10",
      "name": "OWASP LLM Top 10",
      "short": "OWASP LLM Top 10",
      "body": "OWASP",
      "url": "https://owasp.org/www-project-top-10-for-large-language-model-applications/",
      "version": "2025",
      "published": "2025-01-01",
      "last_verified": "2026-05-15",
      "srf_layers": ["L3", "L4", "L5"],
      "scope": "Ten most critical security risks for LLM-powered applications. Maps to L3 (application guardrails), L4 (platform-level mitigations) and L5 (model-provider controls for supply-chain and data/model-poisoning risks).",
      "tags": ["security", "llm", "voluntary", "international"]
    },
    {
      "id": "csa-aicm",
      "name": "CSA AI Controls Matrix",
      "short": "CSA AICM",
      "body": "Cloud Security Alliance",
      "url": "https://cloudsecurityalliance.org/artifacts/ai-controls-matrix",
      "version": "1.0.3",
      "published": "2025-11-10",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L3", "L4", "L5"],
      "scope": "243 controls across 18 domains with crosswalks to EU AI Act, ISO 42001, NIST AI 600-1, and BSI AIC4. Ownership tiers (MP/OSP/AP) map to CoSAI layers.",
      "tags": ["controls", "cloud", "voluntary", "international"]
    },
    {
      "id": "mitre-atlas",
      "name": "MITRE ATLAS",
      "short": "MITRE ATLAS",
      "body": "MITRE",
      "url": "https://atlas.mitre.org/",
      "version": "4.7",
      "published": "2024-01-01",
      "last_verified": "2026-05-15",
      "srf_layers": ["L3", "L4", "L5"],
      "scope": "Adversarial threat landscape for AI-enabled systems. Attack tactics and techniques relevant to L3 application, L4 platform, and L5 model provider layers.",
      "tags": ["security", "threat", "voluntary", "us"]
    },
    {
      "id": "sr-26-2",
      "name": "SR 26-2 — Revised Guidance on Model Risk Management",
      "short": "SR 26-2",
      "body": "Federal Reserve",
      "url": "https://www.federalreserve.gov/supervisionreg/srletters/SR2602.pdf",
      "version": "2026",
      "published": "2026-01-01",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2", "L5"],
      "scope": "Revised model risk management guidance for financial institutions covering AI/ML systems, superseding the Federal Reserve's prior model risk management guidance (SR 11-7). Risk cascades across layers — model governance obligations span L5 (model provider), L2 (training data), and L1 (deploying organization).",
      "tags": ["regulation", "financial", "us", "mandatory"]
    },
    {
      "id": "fda-ai-ml",
      "name": "FDA AI/ML-Based Software as a Medical Device",
      "short": "FDA AI/ML SaMD",
      "body": "FDA",
      "url": "https://www.fda.gov/medical-devices/software-medical-device-samd/artificial-intelligence-and-machine-learning-aiml-enabled-medical-devices",
      "version": "2021 Action Plan",
      "published": "2021-01-12",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L3", "L5"],
      "scope": "Validation and change-control requirements for AI/ML used in medical devices, including pre-authorized model updates via Predetermined Change Control Plans (PCCPs). Model validation responsibility cascades from L5 (model provider) through L3 (application developer) to L1 (deploying organization).",
      "tags": ["regulation", "healthcare", "us", "mandatory"]
    },
    {
      "id": "gdpr",
      "name": "General Data Protection Regulation",
      "short": "GDPR",
      "body": "European Union",
      "url": "https://gdpr-info.eu/",
      "version": "2016/679",
      "published": "2018-05-25",
      "last_verified": "2026-05-15",
      "srf_layers": ["L1", "L2"],
      "scope": "Data protection obligations that intersect AI at the L2 (information / data owner) layer and at L1, where the deploying organization acts as controller (lawful basis, DPIA under Article 35). Relevant to training data, inference data, and automated decision-making (Article 22).",
      "tags": ["regulation", "privacy", "eu", "mandatory"]
    }
  ]
}
