According to ISC2. The security roles hierarchy is Regulation-> Standard-> Policies->Procedures.

Whereas every other areas of study i find a different hierarchy

Regulation->Policies->Standards->Guidelines-> Procedure.

I have my exam tomorrow, and i'm really confused about which one is right. Can someone please help me on this? Your answers would be highly appreciated.