Statement

Statements is a generic object to document:

"..regulations, policies, guidelines, principles, standards, procedures, and best practices"

Regulations are

"..rules put in place by government or government agencies to restrict and control organizational behavior."

Examples of regulations

• GDPR - general data protection regulation by European Union

• Cybersecurity Framework from Central banks

• Business Continuity Frameworks

Policies are

".. general statements of which set the standards of behavior for an organization"

Examples of policies:

• Cybersecurity policies - e.g. encryption of email attachments and restrictions on the use of social media

• Data Governance policies - e.g. data access policy or data usage policy

Procedures are

step by step instructions on how to perform a task

Principles are

"..a proposition or value that is a guide for behavior or evaluation"

Examples of principles:

• Business Principles - e.g. respect Your Customers