Posted on

Standards, Policies, Procedures and Guidelines

It is important to understand the difference between the following definitions:

  • Standards
  • Policies
  • Procedures
  • Guidelines


A Standard is a set of rules which is usually set by an authority on a subject. Standards are able to be repeated and are usually mandated by a set policy. In addition, Standards specify at a low level compulsory controls which will support and impose policies and also provide a way to establish consistency across the enterprise or organisation.


A Policy references any procedures, standards and guidelines that provide support to it and are typically internal to the enterprise or organisation. The scope of a Policy is very narrow meaning that it is extremely specific dealing with a well-defined, specific area. Policies are dictated from the very top level of an organisation and are adhered to by organisational levels under the top level. A policy is used to determine who is liable for implementing and enforcing the policy and the reason the policy is needed. Finally, a policy is used to dictate set rules and requirements that must be followed.


Procedures sometimes called Standard Operating Procedures (SOPS) describe in a logical, step by step manner how to implement standards, guidelines and policies. Each step in the procedure should be specific explaining the individual step in detail.


Think of Guidelines as a recommendation which is not mandatory but rather a best practice where there is no set standard available. Guidelines may provide additional information in order to support a Standard where there is no other information available for the standard.