Without knowing their requirements it's difficult to suggest which benchmark is best suited to their needs. The CIS benchmark is very popular and widely recognized as one of the core compliance guidelines. PCI is popular for businesses which deal with credit card payments. In practice, CIS and PCI are very similar. Health care companies will be interested in the HIPAA benchmark, and STIG is commonly used by companies that may deal with the U.S. government.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.