V studii (3 strany) jsou formulovány následující kroky:
- Assess the regulations your business is subject to
- Identify known content risks
- Talk to stakeholders
- Know where your data is
- Set formal rules for creating and changing policies
- Put alerting and enforcement mechanisms in place
- Delegate controls and responsibilities
- Maximize existing IT investments
- Go with a platform approach
- Build your solution as needed