For the first time in the more than 20 years that the ISF has been offering benchmarking, the new ISF BaaS facility is available to any organization and is not restricted to member organizations, subject to specific fees and conditions. After submission of single or batches of questionnaires, users will receive instant, real-time access to the Benchmarking reporting facility, including an online analysis module and individual reports for questionnaires completed.
“Our BaaS tool is unrivalled as it provides organizations with an in-depth assessment of their security arrangements. Benchmark results are available immediately – as soon as you submit your data you can receive results. This allows organizations to compare their performance against similar, anonymous organizations around the world, as well as against the ISF’s Standard of Good Practice for Information Security (The Standard), ISO/IEC 27002 and COBIT 5 for information security,” said Steve Durbin, Global Vice President, ISF. “At a time when organizations are being asked to demonstrate their resilience to cyber threats by government, suppliers and customers alike, the ISF BaaS provides that objective analysis allowing you to measure both the effectiveness and value of your security investments.”
Organizations can select from the following categories of BaaS products:
• Quarterly Benchmark as a Service ($8,000/quarter)
• Annual Benchmark as a Service ($20,000/year)
For more information about the ISF’s BaaS, or to sign up to use the service, please contact Steve Durbin at steve.durbin@