The legal system introduces the concept of the benefit of the doubt, or innocent until proven guilty, according to which every person is considered not guilty until proof of his/her guilt is established through a final decision.
If we were to start from Cicero's well-known saying errare humanum est (to err is human), or from what Paul Williams said in one of his articles from the series Thought for the day, that is, "even the best-worded policies and the most technically advanced counter-measures will not compensate for human stupidity", we could safely say that, at least as far as information security seen through the human factor is concerned, risk management should include the concept of guilty until proven innocent (predisposition to risk). See fig. 1.
This concept can be applied to the human factor (people are subject to mistakes and blackmail, are corruptible, etc.) as well as to any other element (an information system is fragile and can be affected by viruses, by a sudden shortage of power or by a natural disaster, etc.; a building's frame is affected by the passage of time, etc.).
We thus bring forward human nature, the primary factor of uncertainty in a project. Let us not forget that arrogance, ignorance and fear are considered to be primary risk elements within any project. Take temperament, for example. Without going into such an analysis for the moment, we mention that temperament is the form in which personality manifests itself in terms of the energy, quickness, regularity and intensity of the psychic processes. It is the dynamic side of personality, with influence on character.
For details, see the article "Risk Assessment – a human psychology approach".