| Standard id | Standard | Clasification |
|---|---|---|
| SEC.STD.001 | Follow OWASP (Open Web Application Security Project) guideline to secure citizen service, e-service and government application systems | Mandatory |
| SEC.STD.002 | Follow Government of Bangladesh Information Security Manual (GoBISM) | Mandatory |
| SEC.STD.003 | Follow ISO/IEC/BDS 27001:2015 for Information security management System | Mandatory |
| SEC.STD.004 | Follow Cloud Computing Policy https://shop.cirt.gov.bd/product/cloud-computing-policy-2021/ |
Mandatory |
| SEC.STD.005 | Follow Secure Coding Guideline https://bcc.gov.bd/site/page/f64470aa-1f1d-406c-a7a9-54125efb2ed3/- | Mandatory |
| SEC.STD.006 | Follow Payment Card Industry Data Security Standard (PCI-DSS) for management of credit cards | Recommended |
| SEC.STD.007 | Follow Control Objectives for Information and related Technology (COBIT) - information security framework | Recommended |
| SEC.STD.008 | Follow Sarbanes-Oxley Act of 2002 (SOX) act is also known as the public company accounting reform and investor protection act. SOX requirements indirectly compel management to consider information security controls on systems across the organization in order to comply with SOX. | Recommended |
| SEC.STD.009 | Follow Digital Forensics Laboratory (DFL) guideline https://ictd.nothi.gov.bd/183/potrojariAttachmentRef/8961/0/10314 | Recommended |
| SEC.STD.010 | Follow ISO/IEC/BDS 31000:2018 for Risk Management Guidelines | Recommended |
| SEC.STD.011 | Follow CII (Critical Information Infrastructure) Security Guideline for CII organizations https://ictd.nothi.gov.bd/185/potrojariAttachmentRef/8961/0/10314 |
Recommended |
| SEC.STD.012 | Use FIDO (Fast IDentity Online) authentication standard where applicable | Recommended |
| SEC.STD.013 | Follow the standard ISO 22301:2019 Security and resilience — Business continuity management systems Requirements for Business Continuity Management |
Recommended |