The Consensus Audit Guidelines Project is a joint effort, by a broadly-based group of security and audit experts inside and outside government, to identify the core elements of security programs that (1) are essential because they can actually block or mitigate attacks that are hitting federal systems, (2) can be measured in a reliable way so that executives can rely on the conclusions.