Pre-allocate sufficient resources for ri…

BackStaged release of model weights

This page is still being polished. If you have thoughts, please share them via the feedback form.

Data on this page is preliminary and may change. Please do not share or cite these figures publicly.

Staged release of model weights

Gipiskis (2024)|LLM classified

Mitigation Taxonomy

2Organisation

2.3Operations & Security

2.3.1Deployment Management

Staged rollout strategies, phased deployment, and tiered access approaches for production systems.

Also in Operations & Security

2.3.2 Access & Security Controls2.3.3 Monitoring & Logging2.3.4 Incident Response

Definitionp. 38

When a model is developed by a provider for use in a certain AI system, it may also be useful to release the model itself more widely. Such developers can follow a staged release approach, in which they first grant access to the model via an API to trusted partners or the public, in order to scope the models’ capabilities and detect harmful or dangerous features [195]. After a period of an initial closed release and potentially further safety-training, the developers of the AI model can then release the weights, if they are confident that the AI model poses minimal systemic risk.

LLM Classification Details

Reasoning

Staged release controls deployment pace and access scope to manage risks operationally.

Code: 2.3.1Version: v0.6Classified: Feb 6, 2026

Part of

Model Release

Other mitigations from Gipiskis (2024) (112)

Model development

2.4 Engineering & Development

Lifecycle:Build and Use ModelActor:DeveloperAIRM:Unable to classify

Model development > Data-related

1.1 Model

Lifecycle:Collect and Process DataActor:Unable to classifyAIRM:Unable to classify

Model evaluations

2.2.2 Testing & Evaluation

Lifecycle:Verify and ValidateActor:DeveloperAIRM:Measure

Model evaluations > General evaluations

2.2.2 Testing & Evaluation

Lifecycle:Verify and ValidateActor:DeveloperAIRM:Measure

Model evaluations > Benchmarking

3.2.1 Benchmarks & Evaluation

Lifecycle:Other (outside lifecycle)Actor:DeveloperAIRM:Measure

Model evaluations > Red teaming

2.2.2 Testing & Evaluation

Lifecycle:Verify and ValidateActor:DeveloperAIRM:Measure

View all 112 mitigations from this source →

Source Document

Risk Sources and Risk Management Measures in Support of Standards for General-Purpose AI Systems

Gipiškis, Rokas; San Joaquin, Ayrton; Chin, Ze Shen; Regenfuß, Adrian; Gil, Ariel; Holtman, Koen (2024)

Organizations and governments that develop, deploy, use, and govern AI must coordinate on effective risk mitigation. However, the landscape of AI risk mitigation frameworks is fragmented, uses inconsistent terminology, and has gaps in coverage. This paper introduces a preliminary AI Risk Mitigation Taxonomy to organize AI risk mitigations and provide a common frame of reference. The Taxonomy was developed through a rapid evidence scan of 13 AI risk mitigation frameworks published between 2023-2025, which were extracted into a living database of 831 distinct AI risk mitigations.

View source DOI: 10.48550/arXiv.2410.23472

Classification

AI Lifecycle Stage

Deploy

Releasing the AI system into a production environment

Build and Use ModelVerify and ValidateOperate and Monitor

Responsible Actor

Developer

Entity that creates, trains, or modifies the AI system

NIST AI RMF Function

Manage

Prioritising, responding to, and mitigating AI risks

Measure

Risk Domains

Primary

7.2 AI possessing dangerous capabilities

Other

4 Malicious Actors & Misuse