return to tools

The ISF Benchmark

Measure the effectiveness and value of your security investments
Download the executive summary

The ISF Benchmark Executive Summary provides an easy to digest illustrative overview of how organisations can effectively use the ISF Benchmark to assess and improve their security arrangements.

At a time when organisations are being asked to demonstrate their resilience to cyber threats by government, suppliers and customers alike, the ISF Benchmark provides that objective analysis allowing you to measure both the effectiveness and value of your security investments.

The ISF Benchmark results are available in real time – as soon as you submit your data you can view results and begin your analysis and peer comparisons. This confidential initiative allows you to compare your performance against similar anonymous organisations around the world, as well as against six internationally recognized standards:

  • The Standard of Good Practice for Information Security 2020 (SOGP 2020) 
  • NIST Cybersecurity Framework 
  • CIS Top 20 Critical Security Controls for Effective Cyber Defense
  • Payment Card Industry Data Security Standard (PCI DSS) version 3.1
  • ISO/IEC 27002: 2013
  • COBIT 5 for Information Security.

The ISF Benchmark is updated every two years to align with the latest thinking in information security and to provide organisations with improved user experiences and added value.

I love the ISF tools, they make me think, they are part of our governance […] there are excellent people in the ISF sharing and developing these.