Industry standard baselines: CIS baseline

  • Last update on January 16th, 2025

During the Reconcile process, you can select an industry standard baseline as your term of comparison.

You can choose to compare your tenant to:

  • CIS baseline

CIS M365 Benchmark

The CIS baseline provides a suite of security configurations that conform with the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark v3.1.0. Each configuration fulfills specific CIS controls and aligns to a benchmark level (L1 or L2). For more information on this CIS Benchmark, see the CIS website. Please note, some CIS benchmark controls require manual remediation in a tenant and are not covered by this industry standard baseline.

To learn more about each configuration in the CIS baseline, see the file below.

To download the file

  1. Click the “Save” button at the top right of the presentation.
  2. This button generally appears as a “floppy disk” icon on Windows PCs or a downward arrow icon on Macs.
 
 

Selecting the CIS baseline in Reconcile

To select the CIS baseline as a term of comparison, on the Reconcile page:

  1. Select the tenant you wish to compare to the industry standard baseline from the “Tenant” dropdown menu
  2. Select the desired tenant's version
  3. Make sure the “Compare with” checkbox is checked
  4. From the “Option” menu, select “Industry baseline”
  5. In the “Baseline name” box, select “CIS”
  6. Select “Apply”
  7. Proceed with the standard Reconcile flow

CIS baseline tag 

On “Reconcile”, expanding “Configuration Types” shows the industry benchmark tags associated with specific configurations.

These tags are identifiers that help you easily spot which configurations belong to the CIS baseline. They provide a clear view of which specific CIS configurations are covered, allowing you to understand your compliance status.

Clicking the CIS tag opens a pop-up that shows the CIS control the configuration aligns with.