Motive
Boundary Testing
Coercion
Conflicts of Interest
Curiosity
Espionage
Fear of Reprisals
Hubris
Human Error
Ideology
Joiner
Lack of Awareness
Leaver
Misapprehension or Delusion
Mover
Personal Gain
Political or Philosophical Beliefs
Recklessness
Recognition
Resentment
Revenge
Rogue Nationalism
Self Sabotage
Third Party Collusion Motivated by Personal Gain
- ID: MT022
- Created: 28th April 2025
- Updated: 28th April 2025
- Contributor: The ITM Team
Boundary Testing
The subject deliberately pushes or tests organizational policies, rules, or controls to assess tolerance levels, detect oversight gaps, or gain a sense of impunity. While initial actions may appear minor or exploratory, boundary testing serves as a psychological and operational precursor to more serious misconduct.
Characteristics
- Motivated by curiosity, challenge-seeking, or early-stage dissatisfaction.
- Actions often start small: minor policy violations, unauthorized accesses, or circumvention of procedures.
- Rationalizations include beliefs that policies are overly rigid, outdated, or unfair.
- Boundary testing behavior may escalate if it is unchallenged, normalized, or inadvertently rewarded.
- Subjects often seek to gauge the likelihood and severity of consequences before considering larger or riskier actions.
- Testing may be isolated or gradually evolve into opportunism, retaliation, or deliberate harm.
Example Scenario
A subject repeatedly circumvents minor IT security controls (e.g., bypassing content filters, using personal devices against policy) without immediate consequences. Encouraged by the lack of enforcement, the subject later undertakes unauthorized data transfers, rationalizing the behavior based on perceived inefficiencies and low risk of detection.