The term “policy” has a semi-technical meaning for systems administrators and cybersecurity analysts. Because this meaning is relatively standardized (e.g., “group policy” for Windows networks), the underlying orchestration of business rules is easily grasped. For other organizational — and political — processes, it is less obvious. For instance, violations of group policy can be automatically audited. In a more positive vein, other behaviors, such as frequency of use for information or apps, can be measured at the group level. Two groups, one used as a control group, can test initiatives (“interventions”), such as the introduction of a new technology (e.g., Facebook at work) or new policy (e.g., outsourcing of a process previously performed in-house).