Cybercrime is an enormous global illicit economy. We want to protect ourselves, have good cybersecurity, and think about civil and criminal laws. Identity theft and cybercrime go hand-in-hand, so we cannot talk about one without the other. …

Identity theft and cybercrime go hand-in-hand, so we cannot talk about one without the other. This is an area of self protection, organization cybersecurity, and government civil and criminal enforcement. What is identity theft Identity theft is a crime defined by various federal and state criminal statutes. In sum, it is when an offender…

Practice, or action, is what organizations do. Good organizations do the right thing to accomplish the mission and comply with legal requirements, but this is easier said than done. …

Privacy is important for every individual and every organization. Privacy threats include data breaches and companies who overshare, violating their privacy promises regarding customer information. Privacy is the subject of rapidly growing laws and regulations and is worth attention from every organization. For organizations, sound privacy practices can be good…

Mission and business needs are the top priority for every organization. Mission is one of the Five Components for Policy Work, so let’s put it in context of policies, procedures, law, cybersecurity, privacy, and management. Every organization exists for a reason — that’s their mission. It might be called goals…

External guidance is materials or advice that organizations may consult when creating and updating policies or otherwise seeking to improve their practices and action. Guidance is voluntary, not mandatory (in contrast with legal requirements such as laws and regulations which are required obligations). …

External rules are legal requirements such as laws and regulations and come from outside an organization. Organizations need to know what external rules apply to them, how to comply with them, and how to ensure that compliance integrates with their mission and business needs. External rules are one of my…

Bandler’s Fourth Platform incorporates mission and business needs into the Three Platforms compliance and management concept. Together this helps organizations manage themselves effectively and efficiently, including with their information assets (these assets include computer devices, data, networks, and more). My Three Platforms to Connect concept visualizes how legal requirements, internal…

There are five components for policy work that organizations can consider for management and when creating and updating internal rules such as policies, procedures, and standards. These concepts apply across all areas of organization management, though this article is written primarily in the context of information governance — properly managing…