Policies and Standards Design Considerations

All documents in a policy and standards library are meant for people to read, understand, and implement. Policies and standards are not guidelines that offer suggestions. They are a collection of concrete definitions, procedures, and standards that describe acceptable and unacceptable human behavior. There are consequences for failing to follow approved standards. Developing them is not a trivial undertaking.


Most often, the questions related to where, when, and how are more appropriate for procedures or guidelines rather than policies or standards. Try to keep your policies and standards ...

Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.