Gallery

Contacts

411 University St, Seattle, USA

engitech@oceanthemes.net

+1 -800-456-478-23

Twitter Facebook-f Pinterest-p Instagram
Templates / NIST AI RMF Self-Assessment Workbook
.xlsx ✓ Professional Edition Updated Q2 2026

NIST AI RMF Self-Assessment Workbook

A structured Excel workbook covering all 72 NIST AI RMF subcategories with 0–5 maturity scoring, evidence tracking, action planning, and an automated summary dashboard. Assess your organization’s AI risk management maturity across Govern, Map, Measure, and Manage.

5
Tabs
72
Subcategories
3
Frameworks
1–2hr
To Deploy
NIST AI RMF 1.0 EU AI Act 2024 ISO 42001:2023
Build vs. Buy
From scratch
Research 72 subcategories4 hrs = $200
Build 5 tabs + formulas6 hrs = $300
Map evidence + actions3 hrs = $150
Build dashboard formulas2 hrs = $100
15 hours$750
vs
This template
Purchase$50.00
Customize for your org2 hrs = $100
72 subcategoriesIncluded
Evidence + actionsIncluded
2 hours$150
$600 saved
13 hours back | 12:1 ROI on $50.00
At $50/hr. The price of this template as the hourly rate
“What if I use AI to write it?”
AI makes drafting faster, but it doesn’t reduce the total work. You still need the actual NIST AI RMF PDF to verify every subcategory description, the ISO 42001 standard to validate cross-mappings, and SME-level expertise to design a maturity scoring model that auditors will accept. AI hallucinates subcategory IDs, invents cross-framework mappings, and generates dashboard formulas that look correct but miscalculate. The work shifts from building to verification, and verification takes just as long.
~14hwith AI + expert verification
2hwith this template
72subcategories mapped
3source PDFs read
$50.00
One-time purchase · Instant download
  • Fully editable Excel .xlsx. customize for your organization
  • 5 worksheets: Assessment (72 subcategories), Evidence Repository, Action Plan, Summary Dashboard, and Instructions
  • Aligned to 3 frameworks: NIST AI RMF, EU AI Act, ISO 42001
  • 0–5 maturity scoring with conditional formatting. Red/amber/green visual heat mapping
  • Dropdown validations for status, priority, evidence type, and maturity scores
  • Updated Q2 2026. 348 pre-mapped evidence entries linked to all 72 subcategories
.xlsx NIST AI RMF EU AI Act ISO 42001 ✦ Q2 2026 v1
🔒Secure checkout via Stripe · Instant delivery · 14-day guarantee
Often bought with: NIST AI RMF Program Tracker Tool
Need a PO or invoice? Contact us
Overview
What this tool does

The NIST AI Risk Management Framework defines 72 subcategories across four functions, Govern, Map, Measure, and Manage. That organizations should address when deploying AI systems. Most teams assess their maturity against these subcategories using ad-hoc spreadsheets that drift out of alignment with the standard, lack structured evidence tracking, and produce dashboards that require manual aggregation.

This workbook provides a complete, structured self-assessment tool pre-populated with all 72 subcategories, their descriptions, and cross-mappings to ISO 42001 and EU AI Act. Each subcategory has a 0–5 maturity score with conditional formatting that visually maps your readiness: red for critical gaps (0–1), amber for developing areas (2–3), and green for strong maturity (4–5). The Evidence Repository links 348 pre-mapped entries to specific subcategories, and the Action Plan tracks remediation with priority and status fields.

The Summary Dashboard auto-calculates from the Assessment tab. Maturity averages by function, status distribution, evidence coverage, and priority metrics. No manual formula maintenance required. Worked examples are included on every tracker to show the expected data format and scoring approach.

What’s Inside
5 Tabs · Audit-Aligned Structure
The primary assessment covering all 72 NIST AI RMF subcategories across 19 categories within 4 functions (Govern, Map, Measure, Manage). Each subcategory includes a description, 0–5 maturity score with conditional formatting, status tracking, priority rating, responsible party, and notes field. ISO 42001 and EU AI Act cross-mappings are included per subcategory.
NIST AI RMF 1.072 Subcategories0–5 Scoring
Pre-mapped evidence entries linked to each of the 72 subcategories. Tracks evidence title, type (policy, procedure, record, report, test result), location, status, review date, and linked subcategory ID. Provides the documentation backbone for audit readiness.
ISO 42001 Cl. 7.5Audit Trail
Remediation and improvement tracking tied to assessment findings. Each action includes priority (High/Medium/Low), status (5-state), responsible party, target date, and linked subcategory. Conditional formatting highlights overdue and high-priority items for executive visibility.
NIST MANAGERemediation
Automated executive dashboard with assessment overview (date, status formula, total subcategories), maturity averages by function (Govern, Map, Measure, Manage), status distribution, evidence and remediation counts, and priority breakdown. All metrics are formula-driven from the Assessment tab. No manual updates needed.
NIST MEASUREISO 42001 Cl. 9.1
Setup instructions covering maturity scoring scale definitions (0–5), how to use each tab, sheet overview, interactive features guide (conditional formatting, dropdowns, dashboard formulas, freeze panes, worked examples), scope limitations, and full disclaimer with limitation of liability.
How to UseSetup Guide
Audience
Who deploys this tool
📈
CISO / Chief Risk Officer
Uses the Summary Dashboard for portfolio-level maturity visibility. Monitors function-level scores, gap counts, and evidence coverage to report AI risk posture to the board.
📋
AI Governance Lead
Primary operator of the assessment. Scores each subcategory, assigns evidence, creates action plans, and drives the maturity improvement roadmap across functions.
📝
Compliance Officer
Validates framework alignment across NIST AI RMF, ISO 42001, and EU AI Act. Uses cross-mappings to demonstrate multi-framework coverage from a single assessment.
🔍
Internal Auditor
Uses the Evidence Repository as audit evidence for AI risk management maturity. Verifies scoring methodology, evidence completeness, and action plan follow-through.
Framework Alignment
How this tool maps to standards
NIST
NIST AI RMF 1.0
Complete coverage of all 72 subcategories across 4 functions and 19 categories. Maturity scoring aligned to NIST playbook suggested practices.
GOVERN 1–6MAP 1–5MEASURE 1–4MANAGE 1–4
EU
EU AI Act 2024
Cross-mapping column shows EU AI Act article alignment per subcategory. Supports Art. 9 risk management and Art. 17 quality management documentation.
Art. 9Art. 17Art. 61
42001
ISO/IEC 42001:2023
Cross-mapping column identifies ISO 42001 clause and Annex A control alignment. Evidence Repository supports Cl. 7.5 documented information requirements.
Cl. 6.1Cl. 7.5Cl. 9.1Annex A
Value Proposition
Build from scratch vs. use this tool
✓ With This Tool
All 72 subcategories pre-populated with descriptions and cross-mappings.
348 evidence entries pre-mapped to subcategories. No manual linking.
Dashboard auto-calculates maturity by function. No manual aggregation.
Conditional formatting for maturity heat maps. Visual readiness at a glance.
Every subcategory verified against the published NIST AI RMF 1.0 document.
Ready in 1–2 hours instead of starting from a blank spreadsheet.
✗ From Scratch
15+ hours transcribing 72 subcategories from the NIST AI RMF PDF.
Evidence mapping requires deep knowledge of what documentation auditors expect per subcategory.
Maturity scoring model needs calibration. What does a 3 vs 4 actually mean?
Dashboard formulas are complex. AVERAGEIFS, COUNTIFS, conditional status logic.
Cross-framework mapping to ISO 42001 and EU AI Act requires access to both standards.
Conditional formatting for 72 rows across multiple columns takes hours to configure correctly.

Already running NIST AI RMF assessments? Use the cross-mapping columns to identify ISO 42001 and EU AI Act coverage gaps you may not be tracking.

“Why is this only $50?”

I’ve been building governance documentation since 2012. That year I helped my healthcare analytics company earn its first HITRUST certification. Since then I’ve created and managed compliance documentation for SOC 2, PCI DSS, HITRUST, and ISO 27001 programs across enterprise organizations. I have a writing degree and I genuinely like this work.

HITRUST CSF SOC 2 PCI DSS ISO 27001 14 Years in GRC Writing Degree

Credentials don’t explain the price though. This does:

I want AI adopted responsibly. I don’t want my friends, my family, or my kids dealing with threats and risks that come from deploying AI without governance. Organizations will take the path that earns them the most money. That’s how business works. So I feel obligated to put quality documentation out at a price where governance isn’t something only Fortune 500 companies can afford. I don’t need to charge thousands of dollars to make a difference. I care about helping where I can.

You’re building something that matters. An assessment process that earns trust from your board, your customers, and your team. And it has to work.

The citations in these templates were checked against the published standards. The actual ISO 42001:2023 PDF, the EU AI Act regulation text, the NIST AI RMF 1.0 document. Control IDs, article numbers, framework mappings. This is practitioner-built tooling from someone who’s sat in the audits, written the remediation plans, and knows what survives a compliance review.

Derrick Jackson // Founder, Tech Jacks Solutions
Companion Tool
Need an interactive version?
★ INTERACTIVE HTML TOOL
NIST AI RMF Program Tracker Tool
The same 72 subcategories in an interactive browser-based tool with heatmap visualization, gap analysis, evidence repository, 2 PDF report types, and auto-save. Zero install, zero telemetry. If you prefer working in a browser over Excel, this is your tool.
Related Templates
Often bought together
NIST AI RMF
NIST Govern Function SOP
.docx · 1 framework · 16 pages
$5.00
NIST AI RMFISO 42001
AI Risk Register
.xlsx · 3 frameworks · 6 tabs
$20.00
NIST AI RMFEU AI Act
AI Risk Management Framework
.docx · 4 frameworks · 27 pages
$35.00
FRAMEWORK COVERAGE
NIST AI RMF EU AI Act ISO 42001
WHAT YOU GET
5 tabs · 72 subcategories
0–5 maturity scoring
348 evidence entries
Conditional formatting
Summary dashboard
Instant download
★ BUNDLE DEAL. SAVE 30%
Get the complete AI Risk Management Command Bundle
The AI Risk Management Command Bundle includes this Self-Assessment Workbook plus 11 more risk management documents and tools. $449 instead of $639 if purchased individually.
Important

This tool is a starting point, not a finished product. It’s designed to accelerate your NIST AI RMF self-assessment by giving you a professionally structured foundation with verified subcategory descriptions and cross-framework mappings. It doesn’t replace legal counsel, compliance review, or organizational judgment. Every organization is different. You’ll need to customize the maturity scores, evidence entries, and action plans for your specific regulatory context, risk tolerance, and operational environment. We recommend routing your completed assessment through your legal, compliance, and governance teams before adoption. What you’re buying is a jumpstart that saves you weeks of research and spreadsheet building, not a guarantee of compliance. Framework citations reflect standards as of Q2 2026. Regulatory frameworks evolve. Check for updates to the NIST AI RMF, ISO 42001, and EU AI Act before your annual assessment review. Single organization license. All purchases include a 14-day money-back guarantee. If the tool does not meet your needs, contact us for a full refund.

Professional NIST AI RMF Self-Assessment spreadsheet tool with automated scoring, evidence tracking, action planning, and executive dashboard.

Author

Tech Jacks Solutions