|Party||Risk level (purposes)||Trusted based on|
|Business||Low||Historic behavior (e.g., credit rating and internal experiences) and group memberships (i.e., chamber of commerce, business groups, exchange memberships) or convenience|
|Business||Medium||Contracts, historical behavior, size (deep pockets), legal suitability|
|Business||High||Contracts, historical behavior, size (deep pockets), legal suitability, systematic background checks, and executive risk acceptance|
|People||Low||Contracts and group membership or transitive trust chains|
|People||Medium||Historical behavior, systematic background checks, and contracts|
|People||High||Historical behavior, systematic background checks, psychological factors, external clearances, contracts, and sometimes nationality|
|Systems||Low||Historical behavior, contracts, transitive trust chains (someone told me it was good, a magazine review, etc.)|
|Systems||Medium||Historical behavior, transitive trust chains (authors, reputations, reviews, etc. ), contracts|
|Systems||High||Historical behavior, transitive trust chains (authors), contracts, and certifications (CC, TCSEC, TCG, etc.)|
|Content||Low||Transitive trust chains|
|Content||Medium||Historic behavior (of the source), group memberships (of the author), credentials (of the author), contracts|
|Content||High||Investigation (scientific demonstrations), historic behavior (of the source), group memberships (of the author), credentials (of the author), contracts|
Businesses: Entities not within the direct control of the executive management making risk-related decisions.
Content: The meaningful utility that is being protected by the protection program.
People: Human beings, whether employees, other workers, customers, or anyone else.
Systems: Computers, mechanisms, equipment, and collections thereof, including the things that make them work.
Historical behavior: The history over time of behaviors demonstrated is used, often as the best predictor of future performance.
Transitive trust chains: The trust of someone you trust, the enemy of my enemy, a friend of a friend of a friend, etc.
Systematic background checks: Well-defined sets of checks undertaken to find and verify facts about individuals or companies in terms of their past.
Psychological factors: Liking, similarity, behavioral characteristics, looking like others, acting like others, and similar influence properties.
External clearances: Externally defined clearances, such as those granted by governments or partner organizations.
Contracts: Agreements between parties with force of law.
Nationality: Where someone or something originates from or has been determined to be a member of.
Group membership: Memberships of organizations or groups, such as military organizations, clubs, professional societies, award winners, political parties, etc.
Investigations: Detailed reviews of facts based on defined principles with identifiable error rates and reliability.
Credentials: Government credentials such as badges, licenses, etc., professional certificates, degrees, or other third party accreditations.
Certifications: Trusted Systems Evaluation Criteria (TCSEC), Trusted computing group (TCG), Common Criteria (CC), Certified examiners or other professional society or institutional certificates, training certificates, etc.
Size: Depth of financial capacity to handle liabilities, physical characteristics, or other measurable things that justify acceptability of proportional risk.