Is it a Policy, a Standard / Procedure or a Guideline?

What's in a name? We frequently hear people use the names "policy", "standard", “procedure”, and "guideline" to refer to documents that fall within the policy infrastructure. So that those who participate in this consensus process can communicate effectively, we'll use the following definitions.

Policy: A policy is typically a document that outlines specific requirements or rules that must be met. In the information/network realm, policies are usually point-specific, covering a single area. For example, an "Acceptable Use" policy would cover the rules and regulations for appropriate use of the computing facilities.

Standard Procedure: A standard procedure is typically collections of system-specific or procedural-specific requirements that must be met by everyone. For example, you might have a standard that describes how to harden a Windows XP workstation for placement on an external (DMZ) network. People must follow this standard exactly if they wish to install a Windows XP workstation on an external network segment.

Guideline: A guideline is typically a collection of system specific or procedural specific "suggestions" for best practice. They are not requirements to be met, but are strongly recommended. Effective security policies make frequent references to standards and guidelines that exist within an organization.


Policies/Procedures

Policy - Acquisition and Use of Domain Names
Policy - Appropriate Use Policy
Policy - Backup Recovery of User Files
Policy - Banner Common Matching
Policy - Banner Data Acceptable Use
Policy - Complying with the Digital Millennium Copyright Act
Policy - Change Management
Policy - Changing Password by IS Department
Policy - Data Entry Standards for Banner Users
Policy - Duplicate PIDM Clean Up
Policy - E-Mail Signature Block Standard
Policy - Granting Banner Accounts
Policy - Helpdesk Support While Traveling
Policy - Information Security
Policy - Laptop Encryption
Policy - Learning Management System
Policy - Off Campus Access via Virtual Private Network
Policy - Office Moves
Policy - Otis Community E-Mail Responsibility
Policy - Passwords rev 2
Policy - Proper E-Mail Use
Policy - Purchasing Computers, Printers, Software
Policy - Remote Access
Policy - Restoring Corrupted Operating System
Policy - Response to a Student Violation of the DMCA
Policy - Risk Assessment
Policy - Standard Workstation Screen-Saver Operation
Policy - Student Access to Administrative Information Systems (v2)
Policy - Student E-Mail Account Retention
Policy - Student E-Mail Responsibility (v2)
Policy - Submitting High Importance E-Mails to Otis College
Policy - Submitting Mass E-Mails to Otis College (v3)
Policy - Support of Home Computer Equipment
Policy - TrackIT Work Order Retention
Policy - Vendor Access
Policy - Web Conferencing (Zoom)
Policy - Wireless Communication on Internal Wireless Network
Policy - Work Order


Procedure - Proposing Auxiliary Domain Names
Procedure - Banner Common Matching