Create OMB_NIST_AI_RMF_MAPPING.md

OMB_NIST_AI_RMF_MAPPING.md

@@ -0,0 +1,74 @@
+# OMB & NIST AI Risk Management Framework (AI RMF) Mapping
+
+## Project
+**Federal FOIA Intelligence Search**
+
+## Applicable Frameworks
+- NIST AI Risk Management Framework (AI RMF 1.0)
+- OMB Guidance on Responsible AI Use (M-21-06, M-23-10)
+
+---
+
+## AI System Classification
+
+**Risk Tier:** Low-Risk, Assistive, Non-Autonomous  
+**Use Case:** Research assistance for public records  
+**Decision Authority:** Human only
+
+---
+
+## NIST AI RMF Core Mapping
+
+### GOVERN (G)
+
+| Control | Implementation |
+|------|----------------|
+| G-1 Transparency | Public documentation, disclosures |
+| G-2 Accountability | Maintainer governance, feature flags |
+| G-3 Human Oversight | User-initiated actions only |
+| G-4 Policy Alignment | FOIA, journalism, legal ethics |
+
+---
+
+### MAP (M)
+
+| Control | Implementation |
+|------|----------------|
+| M-1 Context | Public FOIA materials only |
+| M-2 Stakeholders | Journalists, researchers, courts |
+| M-3 Harm Identification | Hallucination, misinterpretation |
+
+---
+
+### MEASURE (ME)
+
+| Control | Implementation |
+|------|----------------|
+| ME-1 Output Evaluation | Citation anchoring |
+| ME-2 Performance | No accuracy claims |
+| ME-3 Monitoring | Integrity hashes |
+
+---
+
+### MANAGE (MA)
+
+| Control | Implementation |
+|------|----------------|
+| MA-1 Risk Mitigation | AI opt-in, disclaimers |
+| MA-2 Incident Response | Disable AI feature flags |
+| MA-3 Change Control | Phase-based rollout |
+
+---
+
+## OMB Alignment Summary
+
+✔ No automated decision-making  
+✔ No surveillance functionality  
+✔ No personal data processing  
+✔ No training on user inputs  
+
+---
+
+## Compliance Conclusion
+
+This system aligns with **low-risk assistive AI** under NIST AI RMF and OMB guidance.