What security standards/best practices cover data exchange between two different applications

I would like to know if there is already a ready-to-use security best practice/framework/standard out there that covers the following:

\- Data exchange between 2 or more applications. These applications may reside in two or different perimeters and have different security postures or criticality.

\- Apart from the network overhead, and application availability, from a security perspective, when should one decide to go for web service (between two applications) or direct database access (the database could play the role of …

applications best practices cybersecurity data exchange practices security security standards standards