IT Policy
Best Practice
The separation of governance and management activities points out the need for more specific guidance on how policy principles are implemented and managed. A good practice is to create additional documentation to support policy effectiveness and efficiency.
​
ABOUT
Standards
A mandatory action, explicit rules, controls or configuration settings that are designed to support and conform to a policy. A standard should make a policy more meaningful and effective by including accepted specifications for hardware, software or behavior. Standards should always point to the policy to which they relate.
ABOUT
Procedures
A written set of steps to execute policies through specific, prescribed actions; this is the how in relation to a policy. Procedures tend to be more detailed than policies. They identify the method and state in a series of steps of exactly how to accomplish an intended task, achieve a desired business or functional outcome, and execute the policy.
ABOUT
Guideline
An outline for a statement of conduct. This is an additional (optional) document in support of policies, standards and procedures— general guidance on issues such as “what to do in particular circumstances.” These are not requirements to be met, but are strongly recommended.
ABOUT
Baseline
A platform-specific rule that is accepted across the industry as providing the most effective approach to a specific implementation