Week 4

 

4.2.3 Know the sources of digital industry standards:

International Organization for Standardization (ISO)

The International Organization for Standardization (ISO) is an independent, non-governmental international organisation that develops and publishes global standards.

It was founded in 1947 and is made up of national standards bodies from over 160 countries. In the UK, the national member body representing ISO is the British Standards Institution (BSI).

ISO creates agreed standards to ensure that products, services, and systems are:

  • Safe

  • Reliable

  • Efficient

  • Consistent

  • Compatible internationally

The main purposes of ISO are:

To Ensure Quality and Consistency

ISO standards provide agreed frameworks so that organisations can deliver products and services that meet customer and regulatory requirements.

To Improve Safety

Standards help reduce risk, protect consumers, and ensure safe working practices.

To Support International Trade

By using globally recognised standards, companies can trade internationally without needing to meet different technical requirements for each country.

To Promote Best Practice

ISO standards are built using expert knowledge from industry professionals, ensuring organisations follow proven and effective methods.

 

Some widely recognised ISO standards include:

ISO 27001

ISO 27001 is an internationally recognised standard for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS). Its purpose is to help organisations systematically protect sensitive information, including customer data, financial records and intellectual property. The standard is built around risk management: organisations must identify information assets, assess threats and vulnerabilities, evaluate risk levels, and apply appropriate security controls from Annex A (such as access control, encryption, incident response and supplier security). It follows a continual improvement model (Plan-Do-Check-Act), requiring regular monitoring, internal audits and management reviews. Certification demonstrates that an organisation has structured, documented and independently verified information security processes, which is particularly important in digital support, cybersecurity and data protection environments where confidentiality, integrity and availability must be maintained.

  • Focus: Information Security Management Systems (ISMS)

  • Used to protect data and manage cybersecurity risks

  • Highly relevant in digital support and IT roles

ISO 9001

ISO 9001 is the world’s most widely adopted Quality Management System (QMS) standard. It focuses on ensuring that organisations consistently meet customer and regulatory requirements while continually improving their processes. The standard emphasises customer satisfaction, leadership commitment, process control, evidence-based decision-making and risk-based thinking. Organisations must document procedures, monitor performance, address non-conformities, and implement corrective actions where issues arise. ISO 9001 does not specify how a product or service must be delivered; instead, it ensures that systems are in place to maintain consistency, reliability and quality. Certification to ISO 9001 can enhance reputation, increase customer confidence and improve operational efficiency by reducing waste, duplication and errors.

  • Focus: Quality Management Systems

  • Ensures consistent service and product quality

  • Common across all industries

ISO 14001

ISO 14001 provides a framework for an Environmental Management System (EMS), helping organisations manage their environmental responsibilities in a systematic and sustainable way. The standard requires organisations to identify environmental aspects and impacts (such as waste generation, energy use, emissions and resource consumption), comply with legal obligations, and set measurable environmental objectives. Like other ISO management standards, it follows the Plan-Do-Check-Act cycle and promotes continual improvement. ISO 14001 supports organisations in reducing their environmental footprint, improving resource efficiency and demonstrating corporate social responsibility. Certification signals to customers, regulators and stakeholders that the organisation actively manages environmental risks and is committed to sustainable practices.

  • Focus: Environmental management

  • Helps organisations reduce environmental impact

 

 

Web Content Accessibility Guidelines (WCAG)

The Web Content Accessibility Guidelines (WCAG) are internationally recognised guidelines developed by the World Wide Web Consortium (W3C) to make web content more accessible to people with disabilities. WCAG provides a framework to ensure websites, applications and digital services can be used by individuals with visual, auditory, physical, speech, cognitive and neurological impairments. The purpose of WCAG is to remove digital barriers and promote inclusive design, ensuring that everyone can perceive, understand, navigate and interact with online content. In the UK, WCAG is particularly important because public sector websites must meet WCAG standards under accessibility regulations linked to the Equality Act 2010.

WCAG is structured around four core principles known as POUR: content must be Perceivable (e.g., providing alternative text for images and captions for videos), Operable (e.g., ensuring full keyboard navigation and avoiding content that causes seizures), Understandable (e.g., clear language, predictable navigation and helpful error messages), and Robust (e.g., compatibility with assistive technologies such as screen readers). The guidelines are organised into testable success criteria across three levels of compliance: A (minimum), AA (standard requirement for most organisations), and AAA (highest level). Together, these criteria provide practical standards that developers and organisations use to design and evaluate accessible digital content.

 

World Wide Web Consortium (W3C)

The World Wide Web Consortium (W3C) is the main international organisation responsible for developing standards that ensure the long-term growth, stability and interoperability of the World Wide Web. Founded in 1994 by Tim Berners-Lee (the creator of the URL, HTML and HTTP protocols that enabled the creation of the internet), the W3C brings together member organisations, industry experts and the public to create open standards that allow websites, browsers and web technologies to work consistently across different devices and platforms. Its purpose is to ensure that the web remains accessible, secure, compatible and usable for everyone worldwide.

The W3C develops and maintains key web standards such as HTML, CSS, and accessibility frameworks like WCAG. It produces technical specifications, design principles and validation tools to guide developers in building compliant and interoperable websites. The organisation also promotes areas such as web security, privacy, internationalisation and mobile responsiveness. By creating universal technical standards rather than proprietary systems, the W3C ensures that the web remains open, consistent and accessible across different browsers, operating systems and technologies.

 

Internet Engineering Task Force (IETF)

The Internet Engineering Task Force (IETF) is an open international community of network designers, engineers, researchers and vendors who develop and promote voluntary technical standards that ensure the smooth operation of the internet. Formed in 1986, the IETF’s primary purpose is to improve the way the internet works by creating standards that support interoperability, reliability and security across global networks. Unlike regulatory bodies, the IETF operates through collaboration and consensus, allowing experts worldwide to contribute to the development of internet technologies.

The IETF produces standards known as Requests for Comments (RFCs), which define how internet protocols function. These include foundational technologies such as Transmission Control Protocol (TCP), Internet Protocol (IP), and Hypertext Transfer Protocol (HTTP). The organisation works through specialised working groups focusing on areas such as routing, security, transport, and application protocols. By developing open, publicly available standards, the IETF ensures that devices, networks and services across the world can communicate effectively and securely.

 

Electronic Industries Alliance/Telecommunications Industry Association (EIA/TIA)

The Telecommunications Industry Association (TIA), formerly associated with the Electronic Industries Alliance (EIA), is a standards organisation that develops technical standards for telecommunications infrastructure and electronic systems. Historically known as EIA/TIA, the partnership produced widely adopted standards to ensure compatibility, safety and performance within networking and telecommunications systems. Their purpose is to create structured and consistent specifications so that cabling, connectors and network components function reliably together across different manufacturers and installations.

EIA/TIA standards focus heavily on structured cabling systems, data transmission performance and telecommunications infrastructure design. One of the most recognised standards is TIA-568, which defines wiring standards for commercial buildings, including cable categories (such as Cat5e, Cat6 and Cat6a), pin configurations (e.g., T568A and T568B), performance requirements and installation guidelines. These standards ensure that network installations support required data speeds, reduce interference, and maintain reliability. By following EIA/TIA standards, organisations can ensure consistent network performance, easier maintenance, future scalability and interoperability between equipment from different vendors.

 

British Standard (BS)

The British Standards Institution (BSI) is the United Kingdom’s national standards body, responsible for developing and publishing British Standards (often referred to as BS standards). Founded in 1901, BSI works with industry experts, government departments and consumer groups to create standards that ensure products, services and systems are safe, reliable and of high quality. British Standards support best practice across a wide range of sectors, including construction, engineering, information technology, cybersecurity and environmental management. BSI also represents the UK in international standardisation bodies such as ISO and the European standards organisations.

British Standards include both purely national standards (e.g., BS 7671 for electrical installations) and those adopted from European or international standards, often labelled as BS EN or BS ISO. They cover areas such as quality management, health and safety, environmental protection, information security and product testing. BSI also operates certification schemes such as the well-known Kitemark, which demonstrates that a product or service meets specific safety and performance requirements. By adhering to British Standards, organisations can demonstrate compliance with legal requirements, improve operational consistency and build customer confidence through recognised quality assurance.

 

Institute of Electrical and Electronics Engineers (IEEE)

The Institute of Electrical and Electronics Engineers (IEEE) is a global professional association dedicated to advancing technology in electrical engineering, electronics, computing and telecommunications. Founded in 1963, IEEE brings together engineers, researchers and industry professionals to develop technical standards, publish research, and promote innovation. One of its key purposes is to create internationally recognised standards that ensure technology systems are compatible, safe and interoperable across manufacturers and countries.

IEEE develops widely used technical standards, particularly in networking and communications. For example, the IEEE 802.3 standard defines Ethernet networking, while IEEE 802.11 defines Wi-Fi communication protocols. The IEEE 802 family of standards outlines how devices connect, transmit data and maintain reliable communication over wired and wireless networks. By following IEEE standards, manufacturers and organisations ensure devices such as routers, switches and network cards can communicate effectively, supporting consistent performance and global connectivity.

Payment Card Industry Security Standards Council (PCI SSC)

The Payment Card Industry Security Standards Council (PCI SSC) is an international standards body founded in 2006 by major payment card brands to improve the security of card payment transactions worldwide. Its primary purpose is to develop and maintain security standards that protect cardholder data and reduce payment fraud. The PCI SSC does not enforce laws itself; instead, it sets mandatory security requirements that organisations must follow if they store, process or transmit payment card information. Compliance is required by card issuers and acquiring banks, making adherence essential for businesses that accept card payments.

The PCI SSC is best known for developing the Payment Card Industry Data Security Standard (PCI DSS), which outlines technical and operational controls for safeguarding cardholder data. PCI DSS includes requirements such as maintaining secure networks and firewalls, encrypting transmitted data, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy. The council also provides additional standards covering point-of-sale security and payment application security. By complying with PCI standards, organisations reduce the risk of data breaches, financial penalties and reputational damage while demonstrating a commitment to secure payment processing.

 

Stand up for Standards

The Digital Support and Security sector encompasses a wide range of areas that directly and indirectly influence how organisations operate, how devices function, and the processes and procedures that must be adhered to in order to maintain security, reliability and compliance.

The organisations and governing bodies referenced above play a significant role within this sector, helping to shape standards, best practice, legislation, and professional conduct.

Task:
Working in groups of no more than three, create a clear and simple presentation that summarises:
 - The organisation’s name and purpose
 - What the organisation does
 - The standards, guidance, or regulations it provides
 - Your understanding of its overall impact on the Digital Support and Security sector

Your presentation should demonstrate not only factual knowledge, but also your ability to explain why the organisation is important and how it influences professional practice within the industry.

4.2.4 Understand the purpose of acceptable use policies (AUP):

  • purpose of AUP

  • typical content:

      o permitted activities

      o prohibited activities

      o working practices including confidentiality

      o communication etiquette including projecting correct organisation image

      o sanctions/penalties.


Last Updated
2026-02-24 15:15:42
