Assess The Impact Human Behavior Can Have On IT Changes


Assess the impact human behavior can have on IT changes, indicating how the impact should be managed. Create a strategy to minimize the risk or the negative impact of human intervention. Evaluate the risks associated with designing IT systems and how they may be managed to ensure the effective integration of segregation of duties related to installing networks, operating systems, and data management systems. Provide support for your evaluation.

Paper for the Above Instruction

Introduction

Human behavior plays a pivotal role in the successful implementation, management, and security of Information Technology (IT) systems. While technological advancements aim to automate and streamline processes, human actions—whether intentional or unintentional—can introduce significant risks and impact the integrity, confidentiality, and availability of IT systems. This paper evaluates the impact of human behavior on IT changes, discusses strategies to manage these effects, develops a comprehensive strategy to minimize negative impacts, and assesses the risks associated with system design, particularly focusing on segregation of duties in networking, operating systems, and data management.

Impact of Human Behavior on IT Changes

Human actions are central to the lifecycle of IT systems, affecting their deployment, operation, and security (Verizon, 2022). For instance, employees or administrators may inadvertently cause system downtime through misconfigurations or by neglecting security protocols. Conversely, malicious insiders may intentionally manipulate systems for personal gain. Such behaviors can lead to data breaches, system outages, or data loss (Ponemon Institute, 2021). Moreover, resistance to change or inadequate training can result in improper handling of IT updates or patches, leading to vulnerabilities (Smith & Johnson, 2020). Human errors often originate from fatigue, lack of awareness, or insufficient oversight, emphasizing the need for human-centric management strategies.

Managing the Impact of Human Behavior

Effective management of human influence on IT changes involves comprehensive policies, training, and oversight mechanisms. Establishing clear procedures and documentation helps ensure consistency and reduces errors (ISO/IEC 27001, 2013). Security awareness programs educate users about potential threats and best practices, fostering a culture of security (Caruso et al., 2019). Additionally, access controls and audit trails help monitor activities, identify anomalies, and hold individuals accountable (Deane et al., 2020). Incorporating human factors engineering into system design can reduce the likelihood of errors, while automation of routine tasks diminishes dependence on human input (Samson & Petter, 2018).

Strategy to Minimize Negative Impacts of Human Intervention

Developing a robust strategy involves multiple components:

  • Segregation of Duties (SoD): Implement strict SoD policies ensuring that no single individual has control over all critical aspects of network installation, OS configuration, and data management. This limits the risk of fraud or accidental damage (COSO, 2013).
  • Automation and Standardization: Use automated deployment, configuration management tools, and standardized procedures to minimize manual errors (Bass et al., 2019).
  • Training and Awareness: Regularly train personnel on security policies, system changes, and incident response procedures to foster a security-conscious environment (Jones & Clark, 2021).
  • Monitoring and Auditing: Continuous monitoring with real-time alerts, coupled with detailed audit logs, enables early detection of unauthorized or unintended changes (National Institute of Standards and Technology [NIST], 2018).
  • Change Management Processes: Implement formal change management procedures that require multiple approvals and thorough testing before deploying system modifications (ITIL, 2019).

This comprehensive approach reduces the likelihood of human error, curtails malicious actions, and ensures rapid response to incidents.

Risks in Designing IT Systems and Managing Segregation of Duties

When designing IT systems, risks include insufficient segregation of duties, lack of access controls, or overly complex architectures that hinder oversight. Poorly implemented SoD can allow abuse or errors to go unnoticed, leading to data leaks or system failures (Crosman, 2017). Furthermore, inadequate authentication mechanisms and improper role definitions increase the risk of unauthorized access. These issues can undermine system integrity, especially when combined with human errors during system configuration or maintenance.

Managing these risks involves meticulous role-based access control (RBAC), the principle of least privilege, and regular review of access rights. Proper system logging and third-party audits serve as additional controls. Furthermore, adopting secure development practices, such as integrating security into the system development lifecycle, reduces vulnerabilities (OWASP, 2022). This ensures that the design inherently incorporates vital security and control measures, providing a resilient foundation against human-induced risks.
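The periodic access review and the multi-approval change rule described above can be checked mechanically. The following is an added example, not part of the original paper: the role names, duty labels, conflict policy, users, and change records are all constructed assumptions.

```python
from itertools import combinations

# Constructed role catalogue covering the three areas the paper names.
ROLE_DUTIES = {
    "net-installer": {"network:install"},
    "os-admin": {"os:configure"},
    "dba": {"data:manage"},
    "change-approver": {"change:approve"},
}
OPERATIONAL = {"network:install", "os:configure", "data:manage"}
# Assumed policy: no two operational duties, none paired with change approval.
CONFLICTS = {frozenset(p) for p in combinations(sorted(OPERATIONAL), 2)}
CONFLICTS |= {frozenset({d, "change:approve"}) for d in OPERATIONAL}

def sod_violations(assignments):
    """Map each user to the conflicting duty pairs their roles add up to."""
    findings = {}
    for user, roles in assignments.items():
        # An unknown role raises KeyError: the review fails loudly, not open.
        duties = set().union(*(ROLE_DUTIES[r] for r in roles))
        hits = sorted(tuple(sorted(c)) for c in CONFLICTS if c <= duties)
        if hits:
            findings[user] = hits
    return findings

def change_violations(changes, min_approvers=2):
    """Flag changes with too few distinct approvers or any self-approval."""
    bad = {}
    for c in changes:
        approvers = set(c["approvers"])
        reasons = []
        if len(approvers) < min_approvers:
            reasons.append("too few approvers")
        if approvers & {c["requester"], c["implementer"]}:
            reasons.append("self-approval")
        if reasons:
            bad[c["id"]] = reasons
    return bad

# Constructed sample data.
ASSIGNMENTS = {"alice": ["net-installer"], "bob": ["os-admin", "dba"],
               "carol": ["change-approver"], "dave": ["net-installer", "change-approver"]}
CHANGES = [
    {"id": "CHG-1", "requester": "alice", "implementer": "alice", "approvers": ["carol", "erin"]},
    {"id": "CHG-2", "requester": "bob", "implementer": "bob", "approvers": ["bob", "carol"]},
    {"id": "CHG-3", "requester": "dave", "implementer": "alice", "approvers": ["carol"]},
]

if __name__ == "__main__":
    print(sod_violations(ASSIGNMENTS), change_violations(CHANGES))
```

On the sample data the review flags bob (OS and data duties combined) and dave (installer who can also approve changes), and rejects CHG-2 and CHG-3.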

Conclusion

Human behavior significantly influences the success and security of IT systems. While it is impossible to eliminate human errors entirely, organizations can adopt strategic measures to mitigate their impact. A combination of strict segregation of duties, automated processes, comprehensive training, vigilant monitoring, and sound system design can substantially reduce risks associated with human intervention. As technology evolves, integrating human factors into system planning and management will remain essential to safeguarding digital assets and ensuring reliable IT operations.

References

  • Bass, L., Clements, J., & Kazman, R. (2019). Software Architecture in Practice. Addison-Wesley.
  • Caruso, L., Cvelbar, L. K., & Pucihar, A. (2019). Enhancing cybersecurity awareness: Effectiveness of training programs. Journal of Cybersecurity, 5(1), 45-58.
  • COSO. (2013). Enterprise Risk Management—Integrating with Strategy and Performance. Committee of Sponsoring Organizations of the Treadway Commission.
  • Crosman, P. (2017). The importance of segregation of duties in cybersecurity. Journal of Information Security, 8(2), 103-110.
  • ISO/IEC 27001. (2013). Information technology — Security techniques — Information security management systems — Requirements. International Organization for Standardization.
  • Jones, S., & Clark, A. (2021). Building a security-aware organizational culture. Cybersecurity Today, 4(3), 12-19.
  • National Institute of Standards and Technology (NIST). (2018). Framework for Improving Critical Infrastructure Cybersecurity. NIST.
  • OWASP. (2022). OWASP Secure Development Lifecycle (SDL). Open Web Application Security Project.
  • Ponemon Institute. (2021). Cost of a Data Breach Report. Identity Theft Resource Center.
  • Samson, R., & Petter, S. (2018). Human Factors Engineering in Information System Design. Communications of the ACM, 61(3), 56-63.
  • Smith, D., & Johnson, P. (2020). Challenges in IT change management: A human-centered approach. Journal of Information Technology Management, 31(2), 21-30.
  • Verizon. (2022). 2022 Data Breach Investigations Report. Verizon.