What are the components of the organization security framework

What are the components of the organization security framework?
Policies are the basis framework used for a security program. Which are constructed as the organization security objectives. That stipulate specific guidelines and regulations with security issues and they include the purpose, scope, responsibilities, and compliance. They are used to prevent irregularities in the system by specifying detailed standards for procedures. They serve as controls in instructing the staff on the appropriate actions pertaining to security (Brighthub, 2016).
What is the differences between policies, standards, and guidelines?
• Policy are a set of objectives that stress the principles and method for the company to ensure that their assets are protected. They are developed by upper management and should be reviewed regularly for updates. A security policy is a “living document,” meaning that the document is never finished and is continuously updated as technology and employee requirements change (Brighthub, 2016).
• Standards are the level in which procedures are emphasized in the organization policies and how they should be performed (Pearson, 2018).
• Guidelines are a statement that is made in policy that recommends the action that must be taken to follow the organization policies (Pearson, 2018).
How do these apply to database security? They are essential for the organization to have a complete and thorough security plan.