The summary presents best practice configuration check results
mapped to the control categories of industry standards, such as
the Center for Internet Security’s (CIS) Critical Security Controls
and the National Institute of Standards and Technology (NIST) publication
on Security Controls and Assessment Procedures. The purpose of this
information is to provide a good way to learn how BPA checks tie
to industry standards, not to act as an audit.