The ISF Benchmark is a strategic tool available to any organisation and is not restricted to ISF Member organisations.

At a time when organisations are being asked to demonstrate their resilience to cyber threats by government, suppliers and customers alike, the Benchmark provides that objective analysis allowing you to measure both the effectiveness and value of your security investments.

Benchmark results are available in real time – as soon as you submit your data you can view results and begin your analysis and peer comparisons. This confidential initiative allows you to compare your performance against similar anonymous organisations around the world, as well as against seven internationally recognized standards:

  • ISF Standard of Good Practice for Information Security  
  • NIST Cybersecurity Framework 
  • SANS Top 20 Critical Security Controls for Effective Cyber Defense 
  • Payment Card Industry Data Security Standard (PCI DSS) version 3.1
  • ISO/IEC 27002: 2013
  • COBIT 5 for Information Security
  • ISO/IEC 27002: 2005.

The Benchmark is updated every two years to align with the latest thinking in information security and to provide organisations with improved user experiences and added value.

Benchmark as a Service

The Benchmark is included in Full Membership of the ISF.

Organisations who are not Members of the ISF, can select from the following categories of Benchmark as a Service:

  • 3 months access to Benchmark as a Service – providing unlimited use of the Benchmark across the enterprise, including 5 days Services to Assist for implementation.
  • 12 months access to Benchmark as a Service – providing unlimited use of the Benchmark across the enterprise, including 5 days Services to Assist for implementation.

All Benchmark as a Service users will receive a set of guidance documents to help them through the phases of using the online Benchmark tool and Benchmark service.

In addition to 5 days Services to Assist:

  • 3 month Benchmark as a Service users will receive a 1 hour webcast tutorial to assist with completing questionnaires and a further 1 hour webcast tutorial to assist with using the results reporting facility.
  • 12 month Benchmark as a Service users will receive a total of 4 webcast tutorials to assist with completing questionnaires and using the results reporting facility.

One of the best features of the ISF Benchmark is how the peer group comparisons can help senior security practitioners shape and position their security strategy for discussion with business leadership.

ISF Member, Financial Services sector

Executive Summary

The ISF Benchmark and Benchmark as a Service

Please fill out the form below to download a complimentary Executive Summary.

Please provide your details to download this document:

Please check this box to confirm that you have read and agree with our Privacy Policy and Terms Of Use

By downloading this document you agree to being contacted by the ISF.

Please enter the email address you previously registered with to access the download: