March Chapter Meeting: The Human Factors of Security, Compliance, and Risk Management
IT, auditing, and GCR professionals in ISACA constantly focus on addressing issues around security, compliance, and risk management. While excelling at the technical aspects of these areas, ISACA members frequently struggle with the human factors. These human factors include noncompliance, lax security, and risk blindness on the part of the rank-and-file employees, as well as insufficient concern with security, compliance, and risk management on the part of top-level leaders. To address these human factors among both rank-and-file employees and top-level leaders requires training in the human factors of motivation, communication, and decision-making, yet ISACA members rarely get training in such human factors. This presentation offers research-driven, data-based case studies and best practices on how IT, auditing, and GCR professionals in ISACA can most effectively address the human factors that undermine effective security, compliance, and risk management.