Best Practices for Technical Standard CreationApril 2017
Topics: Government Agency Operations, Systems Engineering, Technology Investment Planning
One important enabler of a comprehensive cyber defense approach is uniformity of practice. Uniformity of practice reduces complexity and ambiguity in multi-component environments. It can also enable concentration of cyber defenses in areas where such practices can be most effective. Technical standards support uniformity of practice through a precise description of that activity. There is an ongoing need to develop new technical standards to reflect the continuous creation of new practices and technologies.
However, the development of technical standards is fraught with challenges, many of which can be unintuitive to those new to the process. This paper identifies major factors that can impact a standardization effort’s chances of success and offers some guidance to address such roadblocks. It includes guidelines covering activities before, during, and after a standard is developed, as well as advice on navigating the cultures and operations of standards development bodies. Special emphasis is given to the role the US government can play in these activities. This guidance is based on input from over a dozen experts who, combined, have over a hundred person-years of experience working in standards bodies. Together, this information can improve the chances of successful engagement in a standardization effort.