What are "baseline security controls" as discussed in DSAC Annex B?

Baseline security controls refer to minimum security measures that organizations are required to implement to protect their data effectively. These controls are established based on industry standards and organizational policies to ensure a foundational level of security is maintained throughout the organization's systems and processes.

These measures serve as a baseline for security protocols that need to be in place to mitigate risk and protect against vulnerabilities. They provide a starting point for organizations to build upon, ensuring that essential protections are in place regardless of the unique circumstances or additional measures an organization might elect to implement.

This foundational approach allows for consistency in security practices and compliance with regulations, ultimately enhancing the organization’s resilience against potential threats. In contrast, the other options describe either features that are not mandatory, contextual variations, or advanced functions that do not form the foundational security requirement emphasized by the concept of baseline security controls.