Mission and business needs are the top priority for every organization. Mission is one of the Five Components for Policy Work, so let’s put it in context of policies, procedures, law, cybersecurity, privacy, and management. Every organization exists for a reason — that’s their mission. It might be called goals…

External guidance is materials or advice that organizations may consult when creating and updating policies or otherwise seeking to improve their practices and action. Guidance is voluntary, not mandatory (in contrast with legal requirements such as laws and regulations which are required obligations). So organizations can seek guidance, and then…

External rules are legal requirements such as laws and regulations and come from outside an organization. Organizations need to know what external rules apply to them, how to comply with them, and how to ensure that compliance integrates with their mission and business needs. External rules are one of my…

Bandler’s Fourth Platform incorporates mission and business needs into the Three Platforms compliance and management concept. Together this helps organizations manage themselves effectively and efficiently, including with their information assets (these assets include computer devices, data, networks, and more). My Three Platforms to Connect concept visualizes how legal requirements, internal…

There are five components for policy work that organizations can consider for management and when creating and updating internal rules such as policies, procedures, and standards. These concepts apply across all areas of organization management, though this article is written primarily in the context of information governance — properly managing…

This article introduces some important legal considerations that apply to business. This helps students, startup creators, and small business owners understand important concepts. As an introduction this is not exhaustive, so after reading this you can do additional research and seek legal expertise as needed. Resources are always limited so…

Negligence is an important area of law that affects us all. As individuals and anyone making decisions about an organization, we need to appreciate basic principles of negligence law to guide our action. Further, it is an area of traditional law with deep implications for cybersecurity and privacy. Negligence in a nutshell A touchstone…

Contract law mixes law, business, and personal. It affects us all. We introduce basic concepts of a contract, and explore how it applies for individuals, organizations, cybersecurity, privacy, and information systems. We enter into contracts practically every day, often without realizing it. We agree to terms of use daily for…

“Internal rules” describes any rule an organization creates for itself and its employees, and is an important platform for organization management and governance (including management of digital assets for cybersecurity and privacy). Many may use the term “policies and procedures” for this, but internal rules is more inclusive of the…