If you work for or with the US federal government, you may have heard of the Federal Desktop Core Configuration (FDCC) program, as well as the Security Content Automation Protocol (SCAP).  See these links for more information:

My group, the Solution Accelerators Team, recently released a beta of a new tool that can also help with this: the SCAP Conversion Tool for DCM.  See http://www.microsoft.com/downloads/details.aspx?FamilyID=22e5b9a0-fa7b-4d43-bcea-7084ae6f40f5&displaylang=en for the download.  Basically, this tool will take an SCAP definition file and convert it into a Configuration Manager 2007 DCM configuration pack.  Then you can use ConfigMgr to validate your compliance with the SCAP baselines.