§01
About this type.
Normative control requirements that policies delegate to and audits test against.
§02
Documents.
62 Standard-type documents in the library, listed by domain. Each links to its source on GitHub, where the corpus is version-controlled and continuously gated.
- aiAI Access and Agent Permissions Standard↗
- aiAI and Agentic Development Security Standard↗
- aiAI Data Quality and Readiness Validation Standard↗
- aiAI Inference Cost Governance Standard↗
- aiAI Model Risk Standard↗
- aiAI Security and Risk Standard↗
- aiAI Testing, Validation and Documentation Standard↗
- architectureAPI Design Standard↗
- architectureArchitecture Decision Records Standard↗
- architectureData Architecture Standard↗
- architectureIntegration Architecture Standard↗
- architectureReference Architecture Standard↗
- architectureTechnology Radar Standard↗
- complianceInternal Audit Standard↗
- complianceSanctions and Export-Control Screening Standard↗
- dev-securityAPI Security Standard↗
- dev-securityAWS Cloud Hardening Baseline Standard↗
- dev-securityAzure Cloud Hardening Baseline Standard↗
- dev-securityContainer and Image Security Standard↗
- dev-securityDeveloper Security Requirements↗
- dev-securityDevOps Security Requirements↗
- dev-securityGoogle Cloud Platform Hardening Baseline Standard↗
- dev-securityMobile Application Security Standard↗
- dev-securityQuality Assurance and Testing Standard↗
- dev-securitySecurity Baseline and Standards Reference↗
- dev-securitySecurity Quick Reference↗
- dev-securitySoftware Composition Analysis Standard↗
- dev-securitySoftware Evaluation, Acceptance and Lifecycle Management Standard↗
- governanceMaturity Assessment Methodology Standard↗
- governanceRecords Retention and Destruction Standard↗
- operationsCapacity and Performance Management Standard↗
- operationsCertificate Authority Management Standard↗
- operationsCloud Security Configuration Baseline↗
- operationsIT Financial Management Standard↗
- operationsNetwork Security and Segmentation Standard↗
- operationsObservability and Telemetry Standard↗
- operationsOT/ICS Security Standard↗
- operationsPhysical Security of IT Infrastructure Standard↗
- operationsProduction Security Requirements↗
- operationsService Level Management Standard↗
- operationsSite Reliability Engineering Standard↗
- privacyPseudonymization and Anonymization Standard↗
- resilienceBusiness Continuity and Disaster Recovery Standard↗
- riskEnterprise Risk Management Standard↗
- riskThird-Party and Supply Chain Risk Standard↗
- securityAuthentication and Password Management Standard↗
- securityData Classification and Handling Standard↗
- securityData Loss Prevention Standard↗
- securityEmail Security Standard↗
- securityEndpoint Hardening Standard↗
- securityLogging and Monitoring Standard↗
- securityPenetration Testing and Red Team Standard↗
- securityPersonnel Security Screening Standard↗
- securityPrivileged Access Management Standard↗
- securityRemote Working Security Standard↗
- securitySaaS Security Posture Management Standard↗
- securitySecurity Awareness and Training Standard↗
- securitySecurity Operations Centre Operating Model Standard↗
- securityThreat Modelling Standard↗
- supply-chainCloud Exit and Data Portability Standard↗
- supply-chainSupplier Resilience Monitoring Standard↗
- supply-chainSupplier Security and Privacy Assurance Standard↗