by John Bandler

People: Humans, or Homo Sapiens, are indisputably the most difficult and destructive of all species on our planet and even the universe.

Not withstanding our faults lets reflect for a second on how important people are to what we do.

Consider what people do regarding organization cybersecurity and policies and procedures:

  • Lead organizations and need employees to follow them and do what is right
  • Write policies and procedures for other people to read
  • Read policies and procedures and need to understand and follow them
  • Attempt to commit cybercrimes (we need to protect against these criminals)
  • Be subjected to cybercrime attacks
  • Fall victim to cybercrime attacks (we need to build their knowledge and awareness to make good decisions)
  • Make decisions that are important for the organization
  • Make daily decisions about whether to click links, provide information, etc.
  • Attempt to convey meaning with words
  • Attempt to understand what someone else is conveying
  • Are on a project team
  • Do work for an organization or team
  • Will be asked to approve a project team's work.

It would be great if people made decisions based on facts, logic, and reason. But that is not always the case.

People are the most important asset of any organization. They do the work and get things done.

That said, there is a saying: "Work is easy, it's the people that are hard."


This article is (of course) not tailored to your circumstances, nor is it legal or consulting advice.


Thinking about people can help improve the product or result. With policies and procedures, it is not just about the result, the final document. It is about the journey and the process.

If your organization needs help with improving its internal documentation and policies and procedures, feel free to contact me.

Additional reading

This article is hosted at, copyright John Bandler, all rights reserved.

This article is also available on at NOT YET (though not kept as up to date).

Originally posted 2/11/2024, updated 3/2/2024.