You are responsible for specifying security baselines for server and client endpoints in an organization that is expanding its digital footprint with new cloud services and on-premises infrastructure. Describe the process you would follow to establish these baselines, including the sources of information you would consult, the stakeholders you would involve, and the tools you would use to implement and monitor these baselines.