A rule, condition, or requirement: (1) Describing the following information for products, systems, services or practices: (i) Classification of components. (ii) Specification of materials, performance, or operations; or (iii) Delineation of procedures; or (2) With respect to the privacy of protected health information.
Sources:
NIST SP 800-66r2
from
HIPAA Security Rule - §160.103
A document that provides requirements, specifications, guidelines or characteristics that can be used consistently to ensure that materials, products, processes and services are fit for their purpose.
Sources:
NIST SP 800-175A
a document, established by consensus and approved by a recognized body, that provides for common and repeated use, rules, guidelines or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context. Note: Standards should be based on the consolidated results of science, technology and experience, and aimed at the promotion of optimum community benefits.
Sources:
NISTIR 8074 Vol. 2
from
ISO/IEC Guide 2:2004
a document that may provide the requirements for: a product, process or service; a management or engineering process; or a testing methodology. An example of a product standard is the multipart ISO/IEC 24727, Integrated circuit card programming interfaces. An example of a management process standard is the ISO/IEC 27000, Information security management systems, family of standards. An example of an engineering process standard is ISO/IEC 15288, System life cycle processes. An example of a testing methodology standard is the multipart ISO/IEC 19795, Biometric Performance Testing and Reporting.
Sources:
NISTIR 8074 Vol. 2