A general rule or principle designed to steer actions or decisions in security practices. Such guidelines are essential for creating and maintaining standards for system and network security, data protection, threat mitigation, and regulatory compliance. Notable security guideline examples include the OWASP Top 10 for web application security, the NIST Cybersecurity Framework for comprehensive risk management, and the ISO 27001 standard for information security management systems.