The ISF Benchmark Executive Summary provides an easy to digest illustrative overview of how organisations can effectively use the ISF Benchmark to assess and improve their security arrangements.
At a time when organisations are being asked to demonstrate their resilience to cyber threats by government, suppliers and customers alike, the ISF Benchmark provides that objective analysis allowing you to measure both the effectiveness and value of your security investments.
The ISF Benchmark results are available in real time – as soon as you submit your data you can view results and begin your analysis and peer comparisons. This confidential initiative allows you to compare your performance against similar anonymous organisations around the world, as well as against six internationally recognized standards:
- The Standard of Good Practice for Information Security 2020 (SOGP 2020)
- NIST Cybersecurity Framework
- CIS Top 20 Critical Security Controls for Effective Cyber Defense
- Payment Card Industry Data Security Standard (PCI DSS) version 3.1
- ISO/IEC 27002: 2013
- COBIT 5 for Information Security.
The ISF Benchmark is updated every two years to align with the latest thinking in information security and to provide organisations with improved user experiences and added value.
I love the ISF tools, they make me think, they are part of our governance […] there are excellent people in the ISF sharing and developing these.
Discover how the ISF can help your organisation
Benchmark in Bitesize
Gain a comprehensive view of how ISF can support you in reviewing performance against your industry peers and industry frameworks.
Standard of Good Practice for Information Security
An internationally recognised set of good practice covering all aspects of cyber resilience, cloud security and information risk management.