During the Reconcile process, you can select an industry standard baseline as your term of comparison.
You can choose to compare your tenant to:
- CIS baseline
- Essential Eight baseline
CIS M365 Benchmarks
The CIS baseline provides a suite of security configurations that conform with the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark. Each configuration fulfills specific CIS controls and aligns to a benchmark level (L1 or L2). For more information on this CIS Benchmark, see the CIS website. Please note, some CIS benchmark controls require manual remediation in a tenant and are not covered by this industry standard baseline.
Configuration Manager supports
- the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark v5.0.0.
- the Center for Internet Security (CIS) Microsoft 365 Foundations Benchmark v3.1.0 (previous version)
To learn more about each configurations in the CIS baseline see the sections below.
Microsoft 365 Foundations Benchmark v5.0.0
See below the list of configurations for the CIS Microsoft 365 Foundations v5.0.0:
To download the file
- Click the “Save” button at the top right of the presentation.
- This button generally appears as a “floppy disk” icon on Windows PCs or a downward arrow icon on Macs.
Microsoft 365 Foundations Benchmark v3.1.0
See below the list of configurations for the CIS Microsoft 365 Foundations v3.1.0:
To download the file
- Click the “Save” button at the top right of the presentation.
- This button generally appears as a “floppy disk” icon on Windows PCs or a downward arrow icon on Macs.
Selecting the CIS baseline in Reconcile
To select either CIS baseline version as a term of comparison, in the Reconcile page,
- Firstly, select the tenant you wish to compare to the industry standard baseline from the “Tenant” dropdown menu
- Select the desired tenant's version
- Make sure che “Compare with” checkbox is checked
- From the “Option” menu, select “Industry baseline”
- In the “Baseline name” box, select the “CIS” version to use. You can choose among:
- Microsoft 365 Foundations Benchmark v5.0.0
- Microsoft 365 Foundations Benchmark v3.1.0
- Select “Apply”
- Proceed with the standard Reconcile flow
CIS baseline tags
On “Reconcile”, by expanding “Configuration Types”, you will find industry benchmark tags associated to specific configurations.
These tags are identifiers that help you easily spot which configurations belong to the CIS baseline. They provide a clear view of which specific CIS configurations are covered, allowing you to understand your compliance status.
By clicking on the CIS tag, a pop-up will appear, informing you of the CIS control that the configuration aligns with:
