Policies
These are high-level statements of the university’s goals and objectives with the intent to be long-lasting. They outline specific requirements or rules that must be met.
Standards
These are mandatory rules of measure; collections of system-specific or process-specific requirements that must be met. Standards are designed to provide policies with the support structure and specific direction they require to be meaningful and effective.
Guidelines
These are recommended models or general statements designed to achieve policy objectives by providing a framework for developing or implementing procedures, processes, or practices; guidelines may utilize or refer to standards.
Security References and Information Technology-related policies from the Handbook of Operating Procedures: