| 1.1.3.2.3 Ensure 'VBA Macro Notification Settings' is set to Enabled (Disable all Except Digitally Signed Macros) | CIS Microsoft Office Access 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.6.2 Ensure 'Default File Format' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.1.7 Ensure 'dBase III /IV Files' is set to Enable (Open/Save blocked, use open policy) | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.7.2.3.1 Ensure 'Allow Trusted Locations on The Network' to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.3.2 Ensure 'Disabled all Trusted Locations' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.4 Ensure 'Trust Access To Visual Basic Project' is set to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.5 Ensure 'Disable Trust Bar Notification For Unsigned Application Add-ins And Block Them' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.6 Ensure 'Require That Application Add-ins are Signed By Trusted Publisher' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.7.3 Ensure 'Turn Off File Validation' is set to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.5 Ensure' Scan Encrypted Macros in Excel Open XML Workbooks' is set to Enable (Scan encrypted macros (default)) | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.6.2.2.1 Ensure 'Document Behavior if File Validation Fails' is set to Enabled (Open in Protected View (Unchecked)) | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.2.2.2 Ensure 'Do not open from the Internet zone in Protected View' is set to Disabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.6.2.2.4 Ensure 'Do not open files in unsafe locations in Protected View' is set to Disabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.6.2.4 Ensure 'Disable Trust Bar Notification for Unsigned Application Add-ins and Block Them' is set to Enable | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.6.3 Ensure 'Make Hidden Markup Visible' is set to Enabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.1.1.3.2.3 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.4.2 Ensure 'Do not prompt to convert older databases' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.1.2 Ensure 'Ask to update automatic links' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.5.1.1 Ensure 'Internet and network paths as hyperlinks' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.6.1 Ensure 'Default file format' is set to 'Enabled: Excel Workbook (*.xlsx)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.6.2 Ensure 'Disable AutoRepublish' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL |
| 2.2.4.7.2.2.3 Ensure 'Excel 2 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.14 Ensure 'Web pages and Excel 2003 XML spreadsheets' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.3.6 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.5 Ensure 'Block Excel XLL Add-ins that come from an untrusted source' is set to 'Enabled: Blocked' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.7.2.13 Ensure 'Trust access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.7.4 Ensure 'Scan encrypted macros in Excel Open XML workbooks' is set to 'Enabled: Scan encrypted macros (default)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.5 Ensure 'Turn off file validation' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.1.2.2 Ensure 'Do not allow users to change permissions on folders' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 2.5.1.2.3 Ensure 'Enable RPC encryption' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.5.2 Ensure 'Do not include Internet Calendar integration in Outlook' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.6.1.2 Ensure 'Do not allow folders in non-default stores to be set as folder home pages' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.1.2.2 Ensure 'Prevent publishing to a DAV server' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.1.2.3 Ensure 'Prevent publishing to Office.com' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.3.2 Ensure 'Read signed e-mail as plain text' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.1.1 Ensure 'Automatically download content for e-mail from people in Safe Senders and Safe Recipients Lists' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.1.2 Ensure 'Block Trusted Zones' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.1.6 Ensure 'Remove file extensions blocked as Level 2' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.3.3 Ensure 'Configure Outlook object model prompt When accessing the Formula property of a UserProperty object' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.4.1 Ensure 'Allow hyperlinks in suspected phishing e-mail messages' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.6.5.2 Ensure 'Disable Slide Update' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.2.2.2 Ensure 'Do not open files in unsafe locations in Protected View' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.3.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.1.3 Ensure 'Word 2000 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.4 Ensure 'Word 2003 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.8 Ensure 'Word 97 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.2.2 Ensure 'Do not open files in unsafe locations in Protected View' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.8.7.2.9 Ensure 'Trust access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.4 Ensure 'Turn off file validation' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Always open untrusted database files in Protected View | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
