Bandler's Fourth Platform to Connect
Incorporating business needs into the Three Platforms compliance and management concept
by John Bandler
Bandler's Fourth Platform, with the prior Three Platforms to connect, helps organizations manage themselves effectively and efficiently, including with their information assets. Information assets include computer devices, data, networks, and more. My Three Platforms to Connect concept visualizes how legal requirements, internal policy, and organization practice should align and is compliance oriented. Now we introduce the Fourth Platform to our concept to ensure organization mission and business are included in our conceptual diagram.
Recapping Bandler's Three Platforms to Connect
The three areas to consider for compliance analysis are:
- Laws and regulations (external rules)
- Policies, procedures, and other internal rules
- Practice, action, or what is actually done.
I examine each of these platforms in more detail in my Three Platforms article.
The Fourth Platform: Business needs and mission
As I emphasize in my Three Platform's article, businesses have a mission, which may include one or more of the following:
- Do good and help individuals and society, provide a necessary service or product
- Earn revenue and business (which pays employee salaries, rewards business owners and shareholders, etc.)
- Obtain donations or grants
- Survive, thrive, and grow.
This mission might also be called "business needs" and deserves a place in our diagram.
First I will show them inline. Lined up, like a squad of soldiers in formation, or baseball players on the foul line for the national anthem.
Putting them in a line is a start but can be improved
But a line doesn't fully capture it. There are actually two paths and different people in the organization might compete regarding which path should take precedence. Organizations need to try align them.
Put another way, different people in an organization may have varying priorities. Although organizations with a culture of compliance and knowledge of external requirements are generally better managed and well-suited for long term success, sometimes it takes time to get everyone onto that same page. One person or department may be focused on laws and compliance, another focused on earning revenue.
So let's show these four pillars in more of an L-shape, and recognizing that external rules and business needs can sometimes seem at odds.
Let's also recognize the limitations of my drawing skills and time, perspective and labeling, and PowerPoint. It's a compromise and there is room for improvement.
Let's try a top view
The limits of my graphic arts capabilities are clear, so let's switch to a top view.
We've got the same four platforms arranged in a "T" shape, we just changed our view point.
Now let's show the compliance and business lines of priority
And now let's draw in two lines.
The first (red) line is the "compliance line" and showing how external rules, internal rules, and practice need to align. That's the Three Platforms from my other article.
The other (green) line is the "business needs" line, and how that, internal rules, and practice need to align.
Some employees may focus on the compliance line, such as the general counsel, compliance officer, privacy officer, chief information security officer, and more.
Some employees may focus on the business needs line, such as those whose duties require creating and delivering products and services, and earning revenue or obtaining grants.
But organizations looking for long term success will strive to satisfy both lines and align all four platforms. Long term survival and growth requires compliance with laws and protecting assets.
As we can see, the internal rules are right in the middle of all of this. Internal rules tell employees what do do and how the business should run, and that's important for both business needs and compliance with external rules. So we will discuss internal rules in more detail in another article.
Businesses need to build internal rules and practices that align with business needs and external rules. My Four Platforms to Connect concept builds on the Three Platforms and provides a helpful way for organizations to visualize compliance and management, which also helps with good overall governance and efficiency. As always, we need to incorporate business needs, because organizations need to successfully perform their mission. Building good internal rules is a process, which starts with planning, as I discuss here.
This article is (of course) not tailored to your circumstances, nor is it legal or consulting advice.
If your organization needs help with improving its internal documentation and compliance with external rules, including regarding cybersecurity and protecting from cybercrime, let me know.
- Bandler's Three Platforms to Connect
- Policy and Procedure Research and References (I have researched and built out many articles on the topic and they are all listed in this article)
- Internal Rules Planning
- Cybersecurity, Privacy, You, and Your Organization
- New York Cybersecurity Requirements and the SHIELD Act
- Cybersecurity review and improvement for your organization - a checklist
- Introduction to Cybersecurity and Information Security
- Cybersecurity Laws and Regulations Part 1 (general legal overview)
- Bandler's Free Starter Cybersecurity Policy
- Bandler's Four Pillars of Cybersecurity
- Policies, Procedures, and Governance of an Organization (includes this 3 platforms concept, plus more)
- Policies and Procedures
This article is hosted at https://johnbandler.com/bandlers-fourth-platform-to-connect, copyright John Bandler, all rights reserved.
This article builds upon my "Three Platforms to Connect" concept from my 2020 article: Policies, Procedures, and Governance of an Organization.
This article is also available on Medium.com at NOT YET (though not kept as up to date).
Originally posted 5/15/2022, updated 8/3/2022.