Technical standards are developed by organizations like the NIST or IEEE after a lot of research, proof of concepts, peer reviews and debate, and discussion. The technical standards in a policy definition document identify and enumerate these industries recommended standards that will help enforce an IT policy. An IT administrator who is implementing the policy is aware of the standards and adheres to them. A technical standard could be the encryption algorithm and key size for encryption of hard disks. By following and implementing security controls according to the specified standard the risks are minimized and that security control can be said to be current with prevailing standards.