Framework cross-walk
Each row is a Model Card section. Each column is a framework. Every cell shows the relevant clause or control, so you can see at a glance how a single, well-written Model Card satisfies obligations across multiple regimes.
| Section | ISO/IEC 42001 | NIST AI RMF | EU AI Act | Google Model Cards |
|---|---|---|---|---|
| Model details | A.6.2.6 : System documentation; A.7.4 : System information | GOVERN 1.4, MAP 4.1 : System context & inventory | Art. 11 + Annex IV(1) : General description of the AI system | Model Details |
| Intended use & users | A.6.2.2 : Intended use of the AI system | MAP 1.1, MAP 3.4 : Context and purpose | Art. 11 + Annex IV(1)(c) : Intended purpose | Intended Use |
| Out-of-scope & prohibited uses | A.6.2.3 : Foreseeable misuse | MAP 5.1 : Impact assessment | Art. 5 (prohibited practices) + Annex IV(1)(g) | Out-of-Scope Uses |
| Training data overview & provenance | A.7.2, A.7.3 : Data for AI systems | MAP 2.3, MEASURE 2.10 : Data quality and provenance | Art. 10 : Data and data governance | Training Data |
| Evaluation data & metrics | A.6.2.5 : Performance evaluation | MEASURE 2.1, 2.3 : Evaluation methods | Annex IV(2)(g) : Validation and testing procedures | Evaluation Data / Metrics |
| Performance across subgroups | A.6.2.4, A.9 : Fairness, bias, impact | MEASURE 2.11 : Fairness and bias | Art. 10(2)(f), Art. 15 : Bias examination, accuracy | Quantitative Analyses |
| Ethical considerations & risks | A.5.2 : AI system impact assessment | MAP 5.1, MEASURE 2.6 : Impact and harms | Art. 9, Art. 27 : Risk management & FRIA | Ethical Considerations |
| Limitations & known failure modes | A.6.2.7 : Limitations of the AI system | MEASURE 2.5 : Validity and reliability | Annex IV(3) : Limitations and assumptions | Caveats & Recommendations |
| Mitigations & safeguards | A.6.2.8, A.9 : Controls & mitigations | MANAGE 2.1, 2.2 : Risk treatment | Art. 9 : Risk management measures | Caveats & Recommendations |
| Human oversight & escalation | A.3, A.6.2.6 : Roles, responsibilities, oversight | GOVERN 3.2, MANAGE 4.1 : Human-AI configuration | Art. 14 : Human oversight | Intended Use (oversight) |
| Security & privacy considerations | A.7.5 : Security; A.6.2.5 : Robustness | MEASURE 2.7, MANAGE 4.3 : Security & privacy | Art. 15 : Accuracy, robustness, cybersecurity | (extension) |
| Environmental impact | A.5.4 : Sustainability considerations | GOVERN 1.7 : Environmental impact | Annex IV(2)(c) : Computational resources | (extension) |
| Maintenance, monitoring & review | Clause 10, A.6.2.8 : Continual improvement | MANAGE 4.1 : Post-deployment monitoring | Art. 17, 72 : Post-market monitoring | Caveats & Recommendations |
Model details
ISO/IEC 42001
A.6.2.6 : System documentation; A.7.4 : System information
NIST AI RMF
GOVERN 1.4, MAP 4.1 : System context & inventory
EU AI Act
Art. 11 + Annex IV(1) : General description of the AI system
Google Model Cards
Model Details
Intended use & users
ISO/IEC 42001
A.6.2.2 : Intended use of the AI system
NIST AI RMF
MAP 1.1, MAP 3.4 : Context and purpose
EU AI Act
Art. 11 + Annex IV(1)(c) : Intended purpose
Google Model Cards
Intended Use
Out-of-scope & prohibited uses
ISO/IEC 42001
A.6.2.3 : Foreseeable misuse
NIST AI RMF
MAP 5.1 : Impact assessment
EU AI Act
Art. 5 (prohibited practices) + Annex IV(1)(g)
Google Model Cards
Out-of-Scope Uses
Training data overview & provenance
ISO/IEC 42001
A.7.2, A.7.3 : Data for AI systems
NIST AI RMF
MAP 2.3, MEASURE 2.10 : Data quality and provenance
EU AI Act
Art. 10 : Data and data governance
Google Model Cards
Training Data
Evaluation data & metrics
ISO/IEC 42001
A.6.2.5 : Performance evaluation
NIST AI RMF
MEASURE 2.1, 2.3 : Evaluation methods
EU AI Act
Annex IV(2)(g) : Validation and testing procedures
Google Model Cards
Evaluation Data / Metrics
Performance across subgroups
ISO/IEC 42001
A.6.2.4, A.9 : Fairness, bias, impact
NIST AI RMF
MEASURE 2.11 : Fairness and bias
EU AI Act
Art. 10(2)(f), Art. 15 : Bias examination, accuracy
Google Model Cards
Quantitative Analyses
Ethical considerations & risks
ISO/IEC 42001
A.5.2 : AI system impact assessment
NIST AI RMF
MAP 5.1, MEASURE 2.6 : Impact and harms
EU AI Act
Art. 9, Art. 27 : Risk management & FRIA
Google Model Cards
Ethical Considerations
Limitations & known failure modes
ISO/IEC 42001
A.6.2.7 : Limitations of the AI system
NIST AI RMF
MEASURE 2.5 : Validity and reliability
EU AI Act
Annex IV(3) : Limitations and assumptions
Google Model Cards
Caveats & Recommendations
Mitigations & safeguards
ISO/IEC 42001
A.6.2.8, A.9 : Controls & mitigations
NIST AI RMF
MANAGE 2.1, 2.2 : Risk treatment
EU AI Act
Art. 9 : Risk management measures
Google Model Cards
Caveats & Recommendations
Human oversight & escalation
ISO/IEC 42001
A.3, A.6.2.6 : Roles, responsibilities, oversight
NIST AI RMF
GOVERN 3.2, MANAGE 4.1 : Human-AI configuration
EU AI Act
Art. 14 : Human oversight
Google Model Cards
Intended Use (oversight)
Security & privacy considerations
ISO/IEC 42001
A.7.5 : Security; A.6.2.5 : Robustness
NIST AI RMF
MEASURE 2.7, MANAGE 4.3 : Security & privacy
EU AI Act
Art. 15 : Accuracy, robustness, cybersecurity
Google Model Cards
(extension)
Environmental impact
ISO/IEC 42001
A.5.4 : Sustainability considerations
NIST AI RMF
GOVERN 1.7 : Environmental impact
EU AI Act
Annex IV(2)(c) : Computational resources
Google Model Cards
(extension)
Maintenance, monitoring & review
ISO/IEC 42001
Clause 10, A.6.2.8 : Continual improvement
NIST AI RMF
MANAGE 4.1 : Post-deployment monitoring
EU AI Act
Art. 17, 72 : Post-market monitoring
Google Model Cards
Caveats & Recommendations