Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Standards

Training Camp • Cybersecurity Glossary

What is Standards?

Specific mandates explicitly stating expectations of performance or conformance.

Glossary > Governance, Risk & Compliance > Standards

Understanding Standards

Specific mandates explicitly stating expectations of performance or conformance. Standards are detailed, specific requirements that must be met to achieve consistent security implementation. They are more prescriptive than policies, providing measurable criteria for compliance and serving as the basis for auditing and assessment. Standards supplement policies by defining how policy objectives will be achieved. Standards are integral to frameworks like ISO 27001, NIST SP 800-53, PCI DSS, and various regulatory requirements. Organizations implement standards through detailed documentation, configuration requirements, process specifications, and compliance verification mechanisms. For example, an organization might establish a password standard that specifies minimum length (12 characters), complexity requirements (upper/lower case, numbers, special characters), expiration policy (90 days), history restrictions (no reuse of last 24 passwords), and lockout thresholds (5 failed attempts), providing specific, measurable criteria for implementing the broader authentication policy. Related terms: Policy, Guidelines, Procedures, Compliance, Baseline, Configuration standards, Security requirements, Control implementation.

Learn More About Standards:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →