The carrot won’t stick

Almost as an intermission, on my way to a full-length post on behavioral change and InfoSec: A shortie on Compliance.

Having realised that classical compliance is a hygiene thing: Nothing happens, until some factor sinks below the surface / zero; then, all heck breaks loose.
I.e., no carrot, many many sticks. Not your average well-balanced incentive scheme, right?

Classical awareness / behavioral change programs, then. Where only the winner, Employee of the Month, or less, will receive some recognition. Often, recognized among peers and colleagues ‘for being a’. The rest, that tagged along without doing anything particularly bad, or even only just arriving at the #2 spot: Not much, often Nothing.
A tiny carrot, possibly up some unsunshined place or used as pick, and not much by way of sticks.

Where is the scheme with a lot of carrots (but not for all, especially not as guaranteed sign-on bonus…!!) and a few sticks-in-private (as they should be!) …?

Just asking, maybe for an impossible thing but your considerate responses are very much welcomed… and:
DSC_0700 (2)
[‘Dagpauwoog’ i.e., back yard beauty]

About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile
This entry was posted in ERM, GRC, Information Risk Management, Information Security, Sociological, psychological notes and tagged , , , , . Bookmark the permalink.

Your comments are welcomed!

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s