The guys (and girls) from BHIS have put together an excellent list of GPO’s that every company that takes Information security serious, should apply. Have a look here:
https://www.blackhillsinfosec.com/webcast-group-policies-that-kill-kill-chains/
“What’s a ‘kill chain’ again?”, I hear you asking. I’ve got that covered too 🙂
https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html