Page 48 - CISSO_Prep_ Guide
or preferred supplier basis. The cost of training users on
multiple systems may also be higher, and it may be difficult to
move staff between departments that use different
equipment.
Standards provide benefits but also come at a cost. The
enforcement of a rule may be seen as inflexible by parts of the
business that would like the option of choosing their own
solution or purchasing an application better suited to their local
needs or to support local businesses. In the world of Bring Your
Own Device (BYOD), this is becoming increasingly difficult to
manage. Many users want to use their own, non-standard, and
often uncontrolled devices.
Another risk associated with enforcing a standard for equipment
or software may be the vulnerability of relying on one vendor.
That could increase the chance that a breach or problem with
that vendor may expose the entire organization to a potential
threat.
Baselines
A baseline is usually described as the requirement for a standard
configuration. For example, an organization's required baseline
configuration may mandate that all devices that
connect to the organization's network have an up-to-date
anti-virus product. By setting out a benchmark for all devices that
connect to the organization's network, the organization can better
control the risk of malware. Many organizations have found that
it is preferable to set mandatory thresholds or baselines for
machines and software that are connected to corporate systems or
networks. If the organization has required a personal firewall for

