Relationship between a policy, standard, guideline, and procedure | Marcos Christodonte II - Information Security Blog

Relationship between a policy, standard, guideline, and procedure

May 16, 2009 by  

After a recent conversation explaining the relationship between a standard and a guideline, I thought I’d post this diagram, which clearly shows that relationship and that of policies and procedures.

[Diagram: policy_standard_guideline_procedures]

Source: CISA Certified Information Systems Auditor Study Guide

Comments

2 Responses to “Relationship between a policy, standard, guideline, and procedure”

  1. Kim on November 4th, 2009 2:46 am

    This model explains the relationship between a policy and procedure perfectly! Thanks.

  2. James Wilson on February 15th, 2011 8:23 am

    Intrinsically, it seems to me that a standard is a high order entity from which policy is derived, thus it was very interesting to review this diagram and reflect. Not sure that the particular arrows or flow in this diagram necessarily goes against my initial statement.

    I review standards established by my peers, the industry, and then from that establish our own internal policy. Based upon standards, here is our policy.

    I do think that from a communication perspective, it might make sense to reverse the order for clarity and consistency.

    “Here is the policy… it is derived from the following standard.”

    Just a thought…
