A
Baselines provide the minimum level of security necessary throughout the organization. Standards specify how hardware and software products should be used throughout the organization. Procedures are detailed step-by-step instruction on how to achieve certain tasks. Guidelines are recommendation actions and operational guides to personnel when a specific standard does not apply. Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 3: Security Management Practices (page 94).