今日已更新 339 条资讯 | 累计 19899 条内容
关于我们

标签:#enterpriseai

找到 3 篇相关文章

AI 资讯

AI Governance for Law Firms: What Policy Can't Catch

Where AI incidents in legal actually come from, and what infrastructure (not policy) prevents them. Blake Aber · Predicate Ventures · 2026 The policy layer is table stakes. It isn't enough. When Sullivan & Cromwell apologized to a federal bankruptcy judge in April 2026 for AI hallucinations in a court filing, the firm's apology letter said the firm had policies. Safeguards existed. Those safeguards weren't followed. That framing, "the safeguard existed but wasn't followed," is how a policy failure gets described. But something more specific happened: a hallucination was generated, wasn't caught at generation time, wasn't caught at review time, and made it into a document that got filed. That's not a policy problem. It's an infrastructure problem. The distinction matters because it determines what you build next. What policy can and can't do Policy is a promise made before the event. A well-written AI acceptable-use policy says: don't submit output you haven't reviewed; verify citations before they go into a document; a human must approve anything client-facing. This works when the human executing the task has time, attention, and professional accountability in that moment. It fails when one of those is missing: a deadline, a junior practitioner, a late-night run. Policy can't: Verify a citation at the point of generation Flag output that has drifted below a confidence threshold Stop hallucinated text from appearing in a draft before a human ever sees it Detect when the underlying model is behaving differently than it was in testing Policy can: Set the expectation that review must happen Define who bears accountability when it doesn't Create a paper trail after the fact One of those is prevention. The other is compliance. What infrastructure does instead An AI harness layer operates at the point of generation, not at the point of review. This reflects a broader reality that production AI is mostly harness and very little model . For legal work specifically, three com

2026-06-29 原文 →
AI 资讯

Google Open Knowledge Format: Why Enterprise Agents Need a Knowledge Layer, Not Just More Tools

Google Open Knowledge Format: Why Enterprise Agents Need a Knowledge Layer, Not Just More Tools Most enterprise AI conversations still start in the wrong place. They start with the model. Which model should we use? Which framework should we adopt? Which vendor has the best agent platform? Which tools should we connect next? These are fair questions. But in real enterprise architecture, they are not the hardest questions. The harder question is this: Can our AI systems actually understand how our business works? That is why Google Cloud’s article on Open Knowledge Format caught my attention. The article talks about a simple but important idea: representing knowledge in a way that humans can read and machines can use. In OKF, that means markdown for the content and structured metadata for context. At first glance, that may sound too simple. But that simplicity is the point. Enterprises do not need another place where knowledge goes to die. We already have enough portals, catalogs, wikis, dashboards, folders, and internal tools. What we need is a practical way to package knowledge so it can be reviewed, versioned, governed, searched, and reused by both people and AI agents. That is where this idea becomes very relevant for agentic AI. The Real Enterprise AI Problem Most organizations already have the knowledge their AI agents need. They have it in databases, dashboards, tickets, architecture notes, runbooks, Confluence pages, data catalogs, code comments, incident reports, old project documents, and the heads of experienced employees. The issue is not that knowledge does not exist. The issue is that it is fragmented. Some of it is outdated. Some of it is duplicated. Some of it is tribal. Some of it is locked inside tools. Some of it is written for humans but not structured enough for AI systems to use reliably. This becomes a serious problem when we move from AI assistants to AI agents. An assistant can give a helpful answer. An agent does more. It plans, selects tools

2026-06-18 原文 →
AI 资讯

OpenAI’s Frontier Governance Framework: Risk Tiers, Trusted Access, and What Developers Need to Know

On May 29, 2026, OpenAI published its Frontier Governance Framework — and most developers moved on to the next item in their feed. That’s a mistake worth correcting. The document doesn’t announce a new model or lower an API price. It describes how OpenAI measures whether its own systems could enable mass-casualty events, what access controls gate who can reach those capabilities, and how this maps to the regulations — the EU AI Act and California’s Transparency in Frontier AI Act — that are actively shaping compliance requirements for any enterprise deploying frontier AI this year. If you build security tools on OpenAI APIs, the framework’s Trusted Access for Cyber program directly affects what your application can and cannot do. If you operate in a regulated environment, the framework is the vendor-side accountability document your compliance team needs to reference. And if you build on frontier models at all, the risk tier system in this framework governs the capability restrictions you will encounter — and, increasingly, what auditors and procurement teams will ask about when vetting your AI vendor stack. What the Framework Actually Is The Frontier Governance Framework is OpenAI’s published methodology for evaluating the risk profile of frontier models before and after deployment. It covers six functional areas: risk assessment and mitigation, model reporting, security risk management, incident response, external expert input, and framework updates. Each area has defined processes, thresholds, and accountability mechanisms. The core architecture is a tier system applied across four risk domains. Each domain is evaluated independently, with tiers reflecting capability levels that could enable specific categories of harm. A model’s rating in any domain determines what deployment controls apply — what gets blocked at the API layer, who gets elevated access, and what triggers an incident response workflow. The framework was published explicitly to align with two regu

2026-05-30 原文 →