Human, Organisation & Regulatory aspects - what's it all about?
This category within the Cyber Body of Knowledge, covers 4 wider knowledge areas:
Risk Management & Governance - security management systems and organisational security controls, including standards, best practices and approaches to risk assessment and mitigation.
Human Factors - usable security, social and behavioural factors impacting security, security culture and awareness as well as impact of security controls on user behaviours.
Privacy & Online Rights - techniques for protecting personal information, including communications, applications and inferences from databases and data processing. It also includes other systems supporting online rights touching upon censorship and circumvention, covertness, electronic elections and privacy in payment and identity systems.
Law and Regulation - international and national statutory and regulatory requirements, compliance obligations including data protection, and developing doctrines on cyber warfare.