John Banja identifies seven factors
that contribute to the normalization of deviance:
- The rules are stupid and inefficient!
- Knowledge is imperfect and uneven.
- The work itself, along with new technology, can disrupt work behaviors and rule compliance.
- I’m breaking the rule for the good of my patient!
- The rules don’t apply to me/you can trust me.
- Workers are afraid to speak up.
- Leadership withholding or diluting findings on system problems.
Source: IT Security and the Normalization of Deviance – Schneier on Security