We are at the stage where the most fundamental and basic controls on which all privacy and security programs rest to some extent, are at a risk of becoming illusory, outdated, not read and used by a great majority of relevant stakeholders. How can we apply more sophisticated approach and tools?

