An evaluation of Aesop Academy's full course catalog against the NIST AI Risk Management Framework 1.0 and the Generative AI Profile (NIST AI 600-1) — the US federal baseline for trustworthy AI governance, increasingly cited in enterprise procurement, federal contracting, and higher-education research policy.
The NIST AI Risk Management Framework (AI RMF 1.0), released in January 2023 by the US National Institute of Standards and Technology, is the voluntary federal framework for managing risks across the AI lifecycle. It defines four core functions — GOVERN, MAP, MEASURE, MANAGE — and seven characteristics of trustworthy AI (valid & reliable; safe; secure & resilient; accountable & transparent; explainable & interpretable; privacy-enhanced; fair — with harmful bias managed). In July 2024, NIST published the companion Generative AI Profile (NIST AI 600-1), which adds twelve generative-AI-specific risks including confabulation, data privacy leakage, dangerous or violent content, and human-AI configuration risks.
Unlike AI4K12, CSTA, or ISTE — which are K-12 curriculum standards — the NIST AI RMF is a governance framework used by organizations that build, deploy, or procure AI systems. AESOP's alignment with the RMF is therefore not about grade-level coverage but about whether the curriculum teaches the concepts, vocabulary, and practices that RMF compliance requires.
Overall alignment across AESOP's 26 courses against the four NIST AI RMF core functions. The AI Foundations series is counted as one aggregate offering across its 10 modules and three tracks. Ratings reflect whether the curriculum teaches learners to perform, recognize, or make decisions consistent with each function.
Cultivates a culture of risk management and establishes policies, processes, and accountability structures for AI. Covers GOVERN 1 (policies & procedures), GOVERN 2 (accountability), GOVERN 3 (workforce diversity & equity), GOVERN 4 (culture of risk awareness), GOVERN 5 (processes for stakeholder engagement), and GOVERN 6 (third-party risk).
Strong coverage in: AI Governance (full course — directly maps to every GOVERN sub-category), AI Ethics & Decision-Making, AI Risk for Business Leaders, AI Leadership, Corporate AI Policies & Policy Drafting (governance M6–M8), AI in Society, AI and the Future of Work, AI & Creativity (M5: Consent & Copyright)
The AI Governance course alone is organized around policy drafting, auditing, and corporate governance structures — it is effectively a NIST AI RMF GOVERN primer for non-specialist audiences. This is AESOP's single strongest standards-alignment claim for enterprise and higher-ed buyers.
Establishes context and identifies risks. Covers MAP 1 (context is established), MAP 2 (categorization of AI system), MAP 3 (capabilities, targeted usage, goals), MAP 4 (risks to individuals, groups, and society), and MAP 5 (impacts on people and the planet).
Strong coverage in: AI in Society, AI in Healthcare, AI & Education, AI and the Future of Work, AI and National Security, AI Foundations (M2: Where AI Shows Up, M4: AI in Your Life), Building an AI-First Business, AI for Marketing and Growth
AESOP's domain-specific courses (Healthcare, Education, Society, Future of Work, National Security) are structurally organized around MAP — they identify where AI is deployed, who is affected, and what could go wrong. This is a natural fit.
Uses quantitative, qualitative, and mixed-method tools to analyze, assess, benchmark, and monitor AI risk and related impacts. Covers MEASURE 1 (identification of metrics), MEASURE 2 (evaluation for trustworthy characteristics), MEASURE 3 (mechanisms for tracking identified AI risks), and MEASURE 4 (feedback mechanisms).
Strong coverage in: Building with AI (M6: Evaluating AI Output), GPT vs. Claude vs. Gemini (comparative evaluation), How Large Language Models Work, RAG Systems from Scratch, AI Foundations (M5: How to Fact-Check AI)
Partial coverage: AI Governance (M6: How AI Auditing Works), AI Ethics, AI in Healthcare, Prompt Engineering for Developers, AI Risk for Business Leaders
Note: MEASURE is AESOP's weakest RMF function — not absent, but concentrated in the builder track. Adding an explicit module on AI evaluation metrics (red-teaming, benchmarks, drift detection) to the Governance or Risk courses would move this to STRONG.
Allocates risk resources to mapped and measured risks on a regular basis. Covers MANAGE 1 (AI risks are prioritized, responded to, and managed), MANAGE 2 (strategies to maximize benefits and minimize negative impacts), MANAGE 3 (AI risks from third-party entities managed), and MANAGE 4 (risk treatments including response and recovery, and communication, are planned).
Strong coverage in: AI Risk for Business Leaders, AI Governance (M6: How AI Auditing Works, M7: What Corporate AI Policies Contain), AI Leadership, AI in Healthcare (patient-safety risk management), AI and National Security, Building an AI-First Business, AI Ethics & Decision-Making, AI Tools for Solo Founders
AESOP's business-track courses (Risk for Business Leaders, AI-First Business, AI Leadership) are built around ongoing risk-management practices and decision frameworks — a direct match for MANAGE.
The NIST AI RMF defines seven characteristics of trustworthy AI systems. AESOP coverage is summarized below, with the lead courses that teach each characteristic.
All 26 courses rated across the four NIST AI RMF core functions. STRONG = substantial coverage; PARTIAL = incidental or limited; NONE = not addressed. The Foundations series row reflects aggregate coverage across all 10 modules and three differentiated tracks.
| Course | GOVERN | MAP | MEASURE | MANAGE |
|---|---|---|---|---|
| AI Foundations Series (10 × 3) | Partial | Strong | Partial | Partial |
| AI Governance | Strong | Strong | Strong | Strong |
| AI in Society | Strong | Strong | Partial | Partial |
| AI Ethics & Decision-Making | Strong | Strong | Partial | Strong |
| Building with AI | Partial | Partial | Strong | Partial |
| AI in Healthcare | Strong | Strong | Partial | Strong |
| AI & Education | Strong | Strong | Partial | Partial |
| AI Psychology & Behavior | Partial | Strong | None | Partial |
| AI Leadership | Strong | Partial | None | Strong |
| AI & Creativity | Strong | Partial | None | Partial |
| AI and National Security | Strong | Strong | Partial | Strong |
| GPT vs. Claude vs. Gemini | Partial | Partial | Strong | Partial |
| AI in Game Design I | None | Partial | Partial | None |
| Photography and AI | Partial | Partial | Partial | None |
| AI Tools for Solo Founders | Partial | Partial | None | Strong |
| AI for Marketing and Growth | Partial | Strong | Partial | Partial |
| AI Risk for Business Leaders | Strong | Strong | Partial | Strong |
| Building an AI-First Business | Strong | Partial | Partial | Strong |
| AI for Small Business Managers | Partial | Partial | None | Partial |
| Building AI Agents I | None | Partial | Partial | None |
| Building AI Agents II | None | Partial | Partial | None |
| Building AI Agents III | Partial | Partial | Partial | Partial |
| Building AI Agents IV (OpenClaw) | None | Partial | Partial | None |
| Building AI Agents V | None | None | Partial | None |
| Prompt Engineering for Developers | None | Partial | Partial | None |
| RAG Systems from Scratch | None | Partial | Strong | None |
| How Large Language Models Work | None | Partial | Strong | None |
| AI and the Future of Work | Strong | Strong | None | Partial |
The July 2024 Generative AI Profile (NIST AI 600-1) identifies twelve risks unique to or amplified by generative AI. Color dots below reflect AESOP's catalog coverage: strong · partial · gap.
AESOP covers 8 of 12 Gen-AI-specific risks at strong level and the remaining 4 at partial. Zero gaps — unusual for an AI-literacy curriculum.
The AI Governance course alone provides broad coverage across all four RMF functions. Repositioning it as AESOP's flagship NIST-aligned offering (with explicit RMF terminology in the module outline) would create the most immediately procurable unit for federal-adjacent and enterprise buyers. Consider a co-branded name like "AI Governance: A NIST AI RMF Primer."
MEASURE is the weakest of the four core functions. A single new module — covering red-teaming, benchmark design, drift detection, and continuous monitoring — added to AI Governance or AI Risk for Business Leaders would move MEASURE from MODERATE to STRONG and make the overall claim of four-function alignment defensible without caveat.
Enterprise procurement reviewers expect a machine-parseable crosswalk (XLSX or CSV) mapping course modules to specific RMF sub-categories (GOVERN-1.1, MAP-3.4, etc.). This is a one-time authoring cost that meaningfully shortens the sales cycle for AESOP's highest-ACV deals.
Most AI-literacy curricula address 3–5 of the twelve Gen-AI Profile risks; AESOP addresses all twelve. This is a meaningfully differentiated claim. The Gen-AI Profile dot chart in this document should be reproduced on a public-facing marketing page.
The March 2024 OMB memorandum (M-24-10) requires federal agencies to adopt RMF-aligned AI practices, which cascades into their contractors and grantees. AESOP's positioning as an RMF-aligned AI literacy program for this audience — roughly the top 10,000 federal contractors — is currently underserved and is where AESOP's governance-first catalog structure provides a clear advantage over curricula built primarily for K-12.
ISO/IEC 42001 (AI Management System standard, published December 2023) is the emerging enterprise analogue to NIST AI RMF. Organizations pursuing ISO/IEC 42001 certification are required to demonstrate AI-literate staff. An ISO/IEC 42001 alignment document, built on the foundation of this NIST RMF alignment, would extend AESOP's enterprise-governance positioning internationally.