Almost everyone has heard the term “best practice.” While the term has become ubiquitous in recent years, the first record of its use was around 1927. But what does that term really mean? Webster’s Dictionary defines it as: “A procedure that has been shown by research and experience to produce optimal results and that is established or proposed as a standard suitable for widespread adoption.” Since everyone seems to cite Wikipedia as a source these days, it goes a step further and defines it as follows: “A best practice is a method or technique that has been generally accepted as superior to any alternatives because it produces results that are superior to those achieved by other means or because it has become a standard way of doing things, e.g., a standard way of complying with legal or ethical requirements. Best practices are used to maintain quality as an alternative to mandatory legislated standards and can be based on self-assessment or benchmarking. Best practice is a feature of accredited management standards such as ISO9000 and ISO 14001.”
So, who decides something is a “Best Practice?” There are myriad standards established by bodies such as the International Standards Organization (ISO), American National Standards Institute (ANSI), National Fire Prevention Association (NFPA) and Underwriters Lab (UL), to name just a few. There are also guidelines and templates that are established by government entities such as the National Institute of Standards (NIST) and the National Industrial Security Program (NISP) which are many times then backed by regulatory bodies which enforce compliance. Additionally, industry associations frequently work with their members to benchmark proven methods that they identify as best practices within their particular sector.