Sociotechnical Plan Video Summary — AI-Enabled CUI Compliance & Risk Triage Framework

 



Hello Class,


For this assignment, I created a short video summarizing my sociotechnical plan titled AI-Enabled CUI Compliance & Risk Triage Framework: A Sociotechnical Plan. The purpose of the video is to show how organizations, especially federal contractors handling Controlled Unclassified Information (CUI), can strengthen audit readiness and reduce cybersecurity risk by aligning technology, people, processes, and governance. Presenting the plan in a video format helped me communicate the interdependencies that drive adoption, including workflow design, stakeholder accountability, and institutional trust.

In the video, I begin with the problem context: many organizations manage compliance and risk using fragmented evidence (policies, asset inventories, logs, vulnerability data, and audit artifacts) that lives in multiple tools and departments. As a result, teams spend significant time chasing documentation and responding reactively to issues rather than prioritizing remediation based on risk. Sociotechnical systems theory emphasizes that technical solutions only succeed when they fit the social environment in which they operate: roles, incentives, culture, governance, and policy shape how technology is used and whether it produces sustainable outcomes (Trist & Bamforth, 1951; Baxter & Sommerville, 2011). Accordingly, my plan integrates technical capabilities with the human and organizational mechanisms needed to make the approach operational.

The first feature is an AI-assisted risk triage dashboard that consolidates compliance evidence across systems and produces a prioritized queue of gaps and control weaknesses. Rather than overwhelming teams with raw data, the dashboard supports decision-making by highlighting which issues create the highest risk-to-compliance exposure. The second feature is a human-in-the-loop governance model that defines who reviews AI recommendations, who approves remediation actions, and how decisions are documented for accountability and auditability. The third feature is a workforce readiness and change management package, including role-based training, job aids, and “champions” to normalize the new workflow and reduce resistance to adoption.

A central focus of the sociotechnical plan is identifying the forces that influence diffusion. Supporting forces include increasing regulatory pressure, expanded availability of security telemetry, and organizational demand for measurable risk reduction. Challenging forces include resistance to workflow changes, skills gaps, fragmented governance, and concerns about accountability when AI is used to inform priorities. One limitation of the approach is dependence on data quality and the potential for bias or mis-weighting of signals, which could produce misleading recommendations. To mitigate this, the plan includes validation rules, periodic audits, transparent confidence indicators, and explicit human review before actions are approved.

To evaluate success, the plan uses measurable outcomes such as audit readiness cycle time, reduction in high-risk findings, remediation throughput, adoption rates across teams, and user trust/satisfaction. The anticipated outcome is not simply improved technical performance, but stronger organizational resilience and more responsible innovation practices by pairing automation with ethical oversight and stakeholder trust. Consistent with diffusion principles, the plan is designed for phased implementation (pilot, iterate, and scale) so that learning and adaptation remain built into the system over time (Rogers, 2003; Senge, 2006).


Link to video: https://animoto.com/play/qgkS0kpZVnnXHvGuiVnsRA

References

Animoto. (n.d.). Home page. https://animoto.com/

Baxter, G., & Sommerville, I. (2011). Sociotechnical systems: From design methods to systems engineering. Interacting with Computers, 23(1), 4–17. https://doi.org/10.1016/j.intcom.2010.07.003

Rogers, E. M. (2003). Diffusion of innovations (5th ed.). Free Press.

Senge, P. M. (2006). The fifth discipline: The art and practice of the learning organization (Rev. ed.). Doubleday.

Trist, E. L., & Bamforth, K. W. (1951). Some social and psychological consequences of the longwall method of coal-getting. Human Relations, 4(1), 3–38. https://doi.org/10.1177/001872675100400101
