SUPPORT
Please Note:
The support ticket system is for technical questions and post-sale issues.
If you have pre-sale questions please use our chat feature or email information@mile2.com .
Behavioral Compliance Aptitude Assessment (BCAA)™
What is Behavioral Compliance Aptitude?
Behavioral compliance aptitude refers to an individual’s ability to understand and adhere to laws, compliance, regulations, organizational practices, processes, procedures, and ethical standards.
The BCAA involves skills such as ethical judgment, decision-making under pressure, and the ability to comply with regulatory requirements or organizational policies. Additionally, the BCAA evaluates an individual’s ability to foster a culture of compliance among team members.
What elements does the Behavioral Compliance Aptitude Assessment (BCAA) measure?
1) Organizational Culture – The individual’s “proficiency” in “fostering” a culture of organizational compliance.
2) Employee Adherence – Employees’ “attitude” towards “adhering” to regulatory compliance or organizational policies.
3) Employee Beliefs – Employees’ “convictions” and ardency towards regulatory compliance or organizational policies.
What does the BCAA testing consist of?
The BCAA is a 60-minute, 60-question online examination. The BCAA scores the three behavioral elements (Organizational Culture, Employee Adherence, and Employee Convictions) and provides a score ranging from 1 to 100%.
Why is it necessary to implement the Behavioral Compliance Aptitude Assessment (BCAA) within your organization's risk governance framework/policy?
Friedman’s (2025) research, “Factors shaping policy for cybersecurity resilience in critical infrastructure (CI) organizations: Proposition an Adaptive Cyberesilience Policy Model (ACRPM)”, argues the necessity of integrating psychological elements into the risk governance framework. Friedman asserts that “the traditional compliance-based framework and controls are insufficient and to achieve effective compliance and overall organizational resilience, a public policy shift is required—one that integrates technical defenses with risk governance, human behavior, and organizational culture” (Friedman, p 187, 2025). The BCAA can be applied to measure the human behavioral and psychological component within the ACRPM.
A Proposal for the Development of the Behavioral Compliance Aptitude Assessment (BCAA)™ - Psychometric Methodology & Development Process
By Raymond Friedman, PhD
Mile2 Cybersecurity
1. Introduction
In modern organizations, compliance is not merely procedural; it is rather behavioral. Employees’ ethical decision-making, adherence to rules, and conviction toward organizational values are critical to sustaining a culture of compliance.
The proposed Behavioral Compliance Aptitude Assessment (BCAA)™ aims to scientifically measure these behavioral dimensions. This proposal outlines the process for designing, developing, validating, and implementing a psychometrically sound BCAA™ instrument that captures the psychological underpinnings of compliance behavior.
2. Objectives
To design, develop, validate, and standardize a Behavioral Compliance Aptitude Assessment (BCAA)™ as a reliable psychometric instrument for measuring behavioral dimensions of organizational compliance. The following objectives will guide this project.
1. To establish the psychological and organizational purpose of BCAA™–defining it as a diagnostic instrument that measures not only compliance adherence but also the ethical, emotional, and cultural factors influencing compliant behavior in professional settings.
2. To ensure the BCAA™ reflects multidimensionality and contextual sensitivity, encompassing the distinct yet interrelated constructs of organizational culture, employee adherence, and employee convictions, each grounded in contemporary compliance and behavioral theories.
3. To embed ethical and cultural intelligence within the instrument, ensuring that the assessment captures employees’ moral reasoning, integrity orientation, and sense of responsibility toward organizational norms and legal frameworks.
4. To design BCAA™ as a predictive and developmental tool, not merely evaluative, capable of identifying behavioral gaps and guiding training, coaching, and policy refinement for enhanced compliance performance.
5. To maintain psychometric rigor and fairness, ensure that the instrument is valid, reliable, unbiased, and suitable across organizational levels, demographic groups, and industries.
6. To integrate organizational psychology principles, aligning the assessment with constructs such as ethical climate, governance maturity, employee engagement, and moral conviction, thereby strengthening its theoretical and applied significance.
7. To design the BCAA™ for adaptability and scalability, allowing customization for diverse organizational types—public, private, or critical infrastructure—while preserving core constructs and interpretive comparability.
8. To position the BCAA™ as a bridge between policy and practice, enabling organizations to quantify the “human compliance factor” and integrate behavioral data into risk governance, HR, and corporate ethics strategies.
9. To promote continuous improvement in compliance culture, using BCAA™ insights to foster reflection, dialogue, and leadership interventions that sustain ethical resilience over time.
3. Methodology: Psychometric Development Process
The BCAA™ will be developed through five systematic phases following international psychometric standards (APA, AERA, ITC):
Phase 1: Construct Definition and Item Generation
• Conduct a comprehensive literature review on compliance behavior, ethics, and organizational culture.
• Define constructs and sub-dimensions under each domain.
• Develop a preliminary item pool (initially 60–80 items) that reflects the cognitive, affective, and behavioral aspects of compliance.
Phase 2: Expert Review and Content Validation
• Engage 6–8 domain experts (psychologists, compliance professionals, and governance scholars).
• Use Content Validity Index (CVI) and Lawshe’s CVR to evaluate each item’s clarity and relevance.
• Finalize items through expert consensus.
Phase 3: Pilot Testing
• Administer the refined items to a pilot group (n = 100–150) in compliance-driven organizations.
• Perform item-total correlations and remove items with low performance.
• Refine the instrument for the main validation phase.
Phase 4: Psychometric Validation
• Conduct large-scale testing (n = 400–600 participants).
• Apply:
◦ Exploratory Factor Analysis (EFA) for dimensional identification.
◦ Confirmatory Factor Analysis (CFA) for model fit confirmation.
◦ Reliability analysis (Cronbach’s α, McDonald’s ω, test–retest).
◦ Validity testing (convergent, discriminant, and criterion validity).
Phase 5: Standardization and Manual Development
• Establish norms (percentiles, mean, SD) for score interpretation.
• Develop an administration, scoring, and interpretation manual.
• Prepare a technical report that summarizes the psychometric evidence.
4. Significance for Organizations
• Strengthening Compliance Culture
The BCAA™ helps organizations move beyond checkbox compliance to behavioral compliance, ensuring that ethics and integrity are embedded in everyday decision-making.
• Risk Reduction
By identifying employees’ behavioral gaps in compliance aptitude, organizations can prevent regulatory breaches, ethical misconduct, and policy violations before they occur.
• Data-Driven HR and Governance Decisions
The BCAA™ provides quantifiable insights into compliance behavior, enabling HR and risk managers to make evidence-based decisions on training, hiring, and promotions.
• Improved Organizational Reputation
A measurable culture of compliance fosters stakeholder trust, enhances reputation, and demonstrates a commitment to ethical governance.
• Employee Development and Awareness
The assessment promotes self-reflection and awareness among employees about their ethical reasoning and adherence attitudes, improving long-term accountability.
• Integration into Risk Governance Frameworks
BCAA™ results can be integrated into corporate risk governance systems to align behavioral compliance with strategic resilience and sustainability initiatives.
5. Conclusion
The proposed development of the Behavioral Compliance Aptitude Assessment (BCAA)™ will create an innovative psychometric tool that objectively assesses compliance-related behaviors. Its application will enable companies to embed behavioral intelligence into compliance systems—transforming compliance from a regulatory function into a strategic advantage grounded in ethics, psychology, and culture.
Behavioral Compliance Aptitude Assessment (BCAA)™ – Regulation Edition – Scoring and Interpretation Guide.
By Raymond Friedman, PhD
Mile2 Cybersecurity
Introduction
The Behavioral Compliance Aptitude Assessment (BCAA)™-R evaluates an individual’s behavioral alignment with compliance, ethics, and regulatory discipline. It measures three dimensions of behavioral compliance aptitude:
1. Organizational Culture – the individual’s proficiency in fostering a culture of organizational compliance.
2. Employee Adherence – the individual’s attitude toward adhering to regulatory compliance or organizational policies.
3. Employee Beliefs – the individual’s convictions and consistency toward compliance, integrity, and ethical conduct.
Scoring Methodology
The Test BCAA™-R assessment is 60 minutes long and includes 60 multiple-choice questions, divided equally among the three behavioral dimensions. Each correct response earns one point. Scores are converted into percentages per dimension. The composite score represents the average of the three-dimensional scores:
BCAA™ Composite Score = (Organizational Culture + Employee Adherence + Employee Beliefs) / 3
Interpretation Framework
Scores correspond to four tiers of behavioral compliance aptitude. These tiers reflect consistency, conviction, and leadership potential in maintaining compliance standards:
85–100% | Strong Behavioral Compliance Aptitude
The individual consistently demonstrates ethical awareness, procedural ownership, and proactive reinforcement of compliance behaviors across various contexts. They display resilience under pressure, decisive judgment, and serve as a positive model for organizational integrity.70–84% | Moderate Behavioral Compliance Aptitude
The individual exhibits reasonable understanding and commitment but may hesitate under pressure or defer responsibility when challenged. Continued reinforcement and accountability training can enhance self-assurance and reliability.55–69% | Developing Compliance Awareness
The individual understands the concept of compliance requirements but applies them inconsistently. Focused mentoring and scenario-based training are recommended to strengthen judgment and conviction.
Below 55% | Compliance Risk Zone
The individual’s behavioral responses indicate a limited conviction and a tendency to rationalize noncompliance when it is convenient. Immediate development and oversight are recommended to mitigate organizational risk.Dimension-Specific Interpretations
Organizational Culture
Strong: Displays proactive leadership in setting the tone for compliance integrity. Consistently models transparency, ethics, and responsible communication across teams.
Moderate: Demonstrates awareness of cultural influence but may inconsistently apply reinforcement. Benefits from deliberate inclusion in compliance discussions and leadership modeling.
Developing: Recognizes compliance expectations but lacks the initiative to influence others. Requires structured coaching to connect values to organizational practice.
Risk Zone: Shows minimal engagement with compliance culture and may tolerate rule-bending. Needs guided accountability and direct reinforcement from leadership.
Employee Adherence
Strong: Follows established procedures meticulously, even under operational pressure. Demonstrates high reliability and respect for regulatory protocols.
Moderate: Generally compliant but occasionally overlooks process steps for convenience. Targeted reminders and feedback loops can improve consistency.
Developing: Understands what should be done but fails to apply controls consistently. Requires supervision and role-based reinforcement.
Risk Zone: Regularly disregards process obligations or deadlines. Indicates risk-prone behavior requiring immediate corrective measures.
Employee Beliefs
Strong: Internalizes compliance as a moral and professional responsibility. Upholds ethics even when unsupervised and promotes principled reasoning among peers.
Moderate: Believes in compliance importance but may rationalize minor deviations. Needs ongoing reinforcement to strengthen ethical conviction under stress.
Developing: Shows awareness of ethical expectations without deep conviction. Requires mentoring to connect compliance to integrity and self-accountability.
Risk Zone: Views compliance as external enforcement rather than personal value. High vulnerability to ethical compromise under pressure; targeted re-education recommended.
Composite Summary Template
Use this template to summarize participant results across all three dimensions:
Example: ‘The participant demonstrates moderate behavioral compliance aptitude with strong adherence to discipline but is developing conviction in belief-based decision-making. Recommended focus includes leadership communication training and reinforcement of ethical confidence during high-pressure operations.’
Professional Recommendations
• Reinforce compliance through consistent leadership modeling and transparency.
• Provide scenario-based workshops for moderate or developing performers.
• Establish mentorship programs focusing on ethical decision-making.
• Integrate feedback mechanisms into regular performance reviews.
• Use assessment results to tailor compliance training roadmaps for individuals and teams.
