Standards are everywhere in society. A visa card works across countries and banks because of standards. Standards developed by standard-setting organizations are also part of larger practices of governance in most societies today. Public institution both utilize and sometimes participate in standardization processes, and they may be important for public policy.

Nonetheless, standardization in organizations such as the International Organization for Standardization (ISO) and their national counterparts, are under-investigated from a policy process perspective. This might be because such standardization is conducted by private institutions, thus being outside the area of what has traditionally been viewed as “public policy.”

Standards are also voluntary to follow, although they often become de facto binding. The seemingly voluntary character may be another reason they seem as less in need of scrutiny and oversight than governmental processes, where the outcome is often mandatory.

If standards are important for policy processes and outcome, however, how standards are made should be scrutinized also from a public policy perspective.

The article Standardizing policy in a non-standard way – a public/private standardization process in Norway investigates a standardization process from a policy process perspective. The article presents a case study of a standardization process in Norway. It follows a policy proposal – a security risk assessment approach – as it “travels” between the government and the standard-setting organization “Standards Norway.” Since Standards Norway generally follows rules and norms for standardization set by the ISO and European Committee for Standardization (CEN), the national process becomes an example of such a standardization process. The case can thus provide insights beyond the national context.

The national level allows for a comparison of the standardization process with a previous policy phase, taking place within government, illuminating both commonalities and differences between the two.

The article finds that in both the governmental and standardization phases of the process, there were disagreements. In the governmental phase, the hierarchical structure of government and the single veto point (a ministry), made a decision possible despite disagreement.

The institutional structures of standardization, on the other hand, did not withstand pressure in the same way. In theory, the standardization process has strong institutional barriers, such as a consensus requirement. The barriers did not work as such, however. Instead, a new concept (security-risk) and a new risk assessment practice (security-risk assessment) was created to “solve” the disagreement, creating two professional “turfs” on which to professionalize. The consensus-requirement was thus circumvented, in that fewer professionals had to agree on the content of the standard.

The article argues that the differentiation between responsibility for the standardization process (the organization Standards Norway) and the content of the standard (the standardization committee) make the standardization process vulnerable. Finding common ground with other research on standardization, the article introduces the concept of “institutional deficit.” Standardization organizations produce policy (standards) in a government-like organization, but it is not structured such that it takes responsibility for these policies in a government-like way. As other scholars have noted, it becomes unclear who governs and who are de facto responsible.

The article contributes theoretically to the policy process literature. It refines the multiple streams approach originally developed by Kingdon. It builds on the call to “bring institutions back” into the theory, incorporating institutions to the analytical framework both as formal structures and as knowledge and ideas. The article thus responds to calls for integrating mainstream- and interpretive policy studies.

ISO refers to standards as the “formula that describes the best way of doing something…the distilled wisdom of people with expertise in their subject matter.”[1] The legitimacy of standards is in other words intimately linked to their quality and the assumed benefit of following them. The article shows that professional “turf,” more than consensus among a broad group of experts, became defining for the content of the standard. Given also other research on standardization, ISO’s statement of “distilled wisdom,” and standards as high quality, should be further investigated rather than taken for granted.

Public policy is often created in flux between public and private institutions. Public policy studies should thus investigate policy processes also within private institutions such as standard-setting organizations, to better understand governance of today.

– Anne Heyerdahl, University of Oslo

– The authors’ Journal of Public Policy article is available open access.