NIST logo

Analysis Model for Selection of Private Sector Consensus Standards*

 

Applicability of standard

  • Is it clear who should use the standard and for what applications?
  • How does the standard fit into the Federal Enterprise Architecture (FEA)?
  • What was done to investigate viable alternative standards (i.e., due diligence) before selecting this standard?

Availability of standard

  • Is the standard published and publicly available?
  • Is a copy of the standard free or must it be purchased?
  • Are there any licensing requirements for using the standard?

Completeness of standard

  • To what degree does the candidate standard define and cover the key features necessary to support the specific functional area or service?

Implementations to standard

  • Does the standard have strong support in the commercial marketplace?
  • What commercial products exist for this standard?
  • Are there products from different vendors in the market to implement this standard?
  • If the standard is proprietary, are there nevertheless many products readily available from a variety of vendors?
  • Are there any existing or planned mechanisms to assess conformity of implementations to the standard?

Interoperability of standard

  • How does this standard provide users the ability to access applications and services through Web services?
  • What are the existing or planned mechanisms to assess the interoperability of different vendors? Implementations?

Legal considerations

  • Are there any patent assertions made to this standard?
  • Are there any IPR assertions that will hinder USG distribution of the standard?

Maturity of standard

  • How technically mature is the standard?
  • Is the underlying technology of the standard well-understood (e.g., a reference model is well-defined, appropriate concepts of the technology are in widespread use, the technology may have been in use for many years, a formal mathematical model is defined, etc.)?
  • Is the standard based upon technology that has not been well-defined and may be relatively new?

Source of standard

  • What standards body developed and now maintains this standard?
  • Is this standard a de jure or de facto national or international standard?
  • Is there an open process for revising or amending this standard?

Stability of standard

  • How long as this standard been used?
  • Is the standard stable (e.g., its technical content is mature)?
  • Are major revisions or amendments in progress that will affect backward compatibility with the approved standard?
  • When is the estimated completion date for the next version?

*Web-based sources for information about private sector consensus standards include:

European annual survey of Information and Communication Technology (ICT) standards developers 

American National Standards Institute search engine for standards