Notes on axes of variation in third-party risk assessment

Buck·LessWrong·Community·

There are many different activities that could be described as "third-party risk assessment". Here are some distinctions that I’ve found helpful thinking about the space over the last few weeks.(Thanks Ajeya Cotra and Paul Christiano for discussions that inspired most of this.)Throughout this, I refer to the actors as:Developers.Stakeholders. These are the people who want to be informed about risks. Possible stakeholders include: governments, the public, the developer's board, the developer's em...

Read full article →

Related Articles

US bans differential privacy in Census data
nl · Hacker News · 3h ago
Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Packages
qwertox · Hacker News · 4h ago
Twenty One Zero-Days in FFmpeg
redbell · Hacker News · 18h ago
CRISPR tech selectively shreds cancer cells, including "undruggable" cancers
gmays · Hacker News · 1d ago
Kimi K2.7-Code: open-source coding model with better token efficiency
nekofneko · Hacker News · 1d ago