Types of Bias

Cognitive and Motivational Biases

Motivational biases are distortions of judgment driven by conscious or unconscious incentives or motivations. Cognitive biases are consistent deviations from norms or rationality in the judgments we make.

Nonverbal Bias

With nonverbal bias, nonverbal behavior is seen in a negative manner toward specific social groups.

Affinity Bias

Affinity bias refers to the tendency to gravitate toward individuals with similar characteristics.

Similarity Bias

In similarity bias, we favor individuals who are similar to ourselves over those who appear to be dissimilar to us.

Contrast Effect Bias

A contrast effect bias occurs when we compare two things rather than evaluating them separately.

Attribution Bias

An attribution bias occurs when an individual misunderstands the motivations and behaviors of others due to their cognitive predispositions.

Confirmation Bias

Confirmation bias results when an individual's belief is influenced directly by his or her desire.

Conformity Bias

In most contexts, conformity bias refers to our tendency to follow others' actions rather than making our own judgements based on our own experience.

Risk Management Framework (RMF)

Through the Risk Management Framework, security, privacy, and cyber supply chain risk management tasks can be incorporated into the development life cycle of a system. This method takes into account performance, efficiency, and limitations imposed by applicable laws, decrees, executive orders, policies, norms, or guidelines. A successful information security and privacy program also requires managing organizational risks; RMF can accommodate new or legacy systems, any technology, and any organization, no matter what its size or sector.

Following are the steps involved in the RMF Process:

  1. Prepare: Managing security and privacy risks requires essential preparations for the organization
  2. Categorize: Analyze the impact of processing, storing, and transmitting information
  3. Select: Depending on the risk assessment, select the set of NIST SP 800 controls to protect the system
  4. Implement: Develop a plan for deploying controls and document how they are implemented
  5. Assess: Determine if controls are operational, if they are producing the intended results, and if they are achieving the intended goals
  6. Authorize: A senior official decides whether the system should be authorized to operate
  7. Monitor: Regularly assess the effectiveness of control implementations and the system's risks