Information Technology Standards

The management is responsible for developing technical security standards acceptable and implementable within the organization's technical/systems capabilities and budgets. A "standard" is a prescription for the various ways the company will enforce the given policy. There is guidance available in the form of specific technical security standards developed by accredited bodies that would assist organization to develop their own internal standards. Please see the examples below:

  • Web standards are the formal, non-proprietary standards and other technical specifications that define and describe aspects of the World Wide Web.
  • Cybersecurity standards are security standards which enable organizations to practice safe security techniques to minimize the number of successful cybersecurity attacks.