LeeRayl on Nostr: I know its late and you don’t want to think about work but I want to share ...
I know its late and you don’t want to think about work but I want to share something I just found that could help a lot of you.
If you write policies and you need to understand how to translate emerging tech to human processes, check out OECD's AI work: https://www.oecd.org/en/topics/artificial-intelligence.html
I love frameworks, I love ISO over US Frameworks, I believe if you write a policy, make it worth following and that means readability.
NIST and US standards and publications are great but they are very heavy, I found the OECD Standards for AI classification after I wrote my own and they are pretty darn close.
If you need a tl;dr for your policy its not a policy its a distraction.
I will say that OECD is a global organization and is focused on human aspects of policy creation and global impacts. It may not be ready for some of you hardened humans in security.
#grc #infosec #policies #ai
Some people have cool hobbies, I read policies so I know which rules I can break and which ones I can’t. Risk Management as a sport.
If you write policies and you need to understand how to translate emerging tech to human processes, check out OECD's AI work: https://www.oecd.org/en/topics/artificial-intelligence.html
I love frameworks, I love ISO over US Frameworks, I believe if you write a policy, make it worth following and that means readability.
NIST and US standards and publications are great but they are very heavy, I found the OECD Standards for AI classification after I wrote my own and they are pretty darn close.
If you need a tl;dr for your policy its not a policy its a distraction.
I will say that OECD is a global organization and is focused on human aspects of policy creation and global impacts. It may not be ready for some of you hardened humans in security.
#grc #infosec #policies #ai
Some people have cool hobbies, I read policies so I know which rules I can break and which ones I can’t. Risk Management as a sport.