LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What's the difference between Leitlinie, Richtlinie, and Verfahren — and how do they map to the English Policy, Standard, Guideline, Procedure?

Leitlinie (Policy) = high-level intent, Richtlinie (Standard / Guideline) = concrete rules, Verfahren (Procedures) = step-by-step instructions. German loses the Standard/Guideline distinction.

Four-level tower mapping Policy=Leitlinie, Standard=Richtlinie, Guideline=Richtlinie, Procedure=Verfahren, from high-level intent down to step-by-step playbook

* Policy tower DE to EN: German collapses the mandatory Standard and the advisory Guideline into one word, Richtlinie — which is why audit consequences can differ. *

English German Detail level
Policy Leitlinie Überblick (overview, "we will protect customer data")
Standard Richtlinie Konkreter (e.g., "passwords must be 12+ chars")
Guideline Richtlinie Konkreter (e.g., "we recommend Argon2id for new systems")
Procedures Verfahren Konkret (step-by-step playbook)

"Es gibt leider immer einige Verwirrung um die Begriffe Leitlinie und Richtlinie" because German doesn't distinguish between mandatory standards and recommended guidelines — both become "Richtlinie."

Why this matters in audits: A control marked as "guideline" can be skipped with justification; a control marked as "standard" cannot. When translating between German and English ISMS docs, watch out — a German "Richtlinie" might be either, and the audit consequences differ.

Tip: Always state the binding force in the document itself ("Diese Richtlinie ist verbindlich für …") rather than rely on the term alone.

From Quiz: ISF / ISMS & Security Standards (ISO 27k, NIST, BSI) | Updated: Jul 14, 2026