Why I wrote a book on policies and procedures
Many people read policies — or are supposed to read them. Some people write policies. And then there’s an even smaller group that decide to write a book about policies. I just published such a book and here’s why.
Organizations need governance documents; meaning policies, procedures, and other written rules that tell the organization and employees what to do and how to do it.
These documents are an important part of management because they help the organization comply with legal requirements, accomplish its mission, and run efficiently.
Policies have legal significance and are the first things requested by a government regulator, civil plaintiff, auditor, or anyone trying to assess how the organization manages and complies on a particular topic. These documents could be Exhibit 1 in a lawsuit. Or they could be quality documents that keep an organization’s practices in compliance and avoid a lawsuit in the first place.
I wrote a book on polices to help organizations build effective and quality governance documents. With a solid process, it is possible to improve the organization and the individuals on the project team during the creation or update of these policies and procedures.
I wrote this book because I had something to give. I have spent a lot of time thinking about rules and how they are written. I have worked for three organizations that had a lot of rules. The practice of law is about rules, and my current legal practice involves a lot of policy work. I could go on — and I do in the book — with a chapter on how I got to writing this book.
This book is filled with solid principles that scale to any size and translate across domains. It is for any type of organization and can be applied to any topic and any type of governance document.
A foundation of the book is The Five Components for Policy Work, suitable for any organization including for-profit business, non-profit, and government entities. It allows organizations to assess five important areas:
- Mission
- Laws and regulations (external rules)
- Best practices (external guidance)
- Current practices (internal rules)
- Existing and desired policies and procedures (internal rules)
Some chapters and sections are devoted to cybersecurity which gives any reader understanding of this complex topic. The book covers cybersecurity and data breach laws, a touch of privacy, cybersecurity best practices, and The Four Pillars of Cybersecurity.
Additional reading
- For more about the book (including a chapter listing) visit my landing page at https://johnbandler.com/policiesbook/
- To buy the book, visit this page at Amazon, https://www.amazon.com/dp/1963435001
- To read more about policies, procedures, and cybersecurity, start at my book landing page and scroll to the bottom.
Copyright John Bandler all rights reserved. This article is adapted from prior work in my book and on my website.
Posted to Medium on 03/16/2024 based on prior work. Last updated here on 03/16/2024.