Which factor is most likely to contribute to unintentional non-compliance with security procedures?

Question

BlackTom AI · Accepted Answer

Human factors and usability are the primary drivers of unintentional non‑compliance: when procedures are unclear or cumbersome, well-intentioned staff are likely to make mistakes or develop workarounds. Relevant concepts include human error (slips and lapses), cognitive load (complex rules increase mental effort), usability of security controls, and the difference between accidental versus malicious behaviour.

Step‑by‑step reasoning:
1. Interpret the phrase “unintentional non‑compliance” as violations caused by mistakes, confusion, or convenience, not by malicious intent.
2. Examine each option against that interpretation:
   - Option (d): Policies that are difficult to understand or time‑consuming to follow directly increase the chance employees will misunderstand, forget, skip steps, or create shortcuts — all unintentional behaviours driven by complexity, time pressure, or poor usability.
   - Option (a): A complete lack of organisational security policies can cause inconsistent behaviour, but it is a systemic absence rather than the typical cause of accidental non‑compliance when policies exist but are poorly designed.
   - Option (b): Employees having unrestricted administrator access is an access control problem that enables greater impact of mistakes or abuse, but it is not itself the common root cause of accidental non‑compliance (it’s a privilege management issue).
   - Option (c): Employees deliberately attempting to sabotage systems describes intentional malicious behaviour, which is the opposite of “unintentional.”
3. Compare likelihood: among the choices, unclear or time‑consuming policies are the most frequent and direct cause of accidental violations because they create confusion and encourage unsafe shortcuts.

Why (d) is correct: usability and clarity of policies determine whether employees can reasonably follow procedures; poor policy design leads to mistakes and non‑compliance even when motives are good.

Why others are incorrect (brief): (a) is absence rather than accidental error, (b) is a privilege/configuration risk not a cause of accidental non‑compliance, (c) is intentional sabotage.

Conclusion: The correct answer is d. Policies that are difficult to understand or time‑consuming to follow.

Which factor is most likely to contribute to unintentional non-compliance with security procedures?单项选择题

类似问题

Why are unintentional insiders considered a security risk?

The security policy of an organisation should address: (Choose all that apply.)

Which of the following describes the precise definition of Cybersecurity?

What would the BEST plan of action be on receiving an e-mail message warning that a virus may have accidentally been sent in the past, and suggesting that the user delete a specific file if it appears on the their computer?

What is the most significant challenge to information security, according to class discussions?

Question at position 16 True or False: Following recognised cybersecurity frameworks helps organisations comply with industry regulations.TrueFalse

Which of the following statements about passwords is not true?

更多留学生实用工具

智能学习助手

风格化写作助手

论文查重助手

文献引用助手

课堂转译助手

课堂笔记助手

Quiz搜索助手

学校历年真题

智能刷题助手

智能匹配练习

希望你的学习变得更简单