From net-security.org

Mac OS X (10.3) provides many built in security features that, when fully utilised, can greatly reduce the risk of a security incident. OS X is one of the most secure default installations when compared to other operating systems. The install follows the accepted best practice of disabling all network services unless explicitly enabled. The default security settings should suit the needs of most users in a workstation setting.

This guide is aimed at users in environments requiring stronger security controls in an operating system, making full use of the protection features offered in OS X. It would also be of use to system administrators wishing to enforce an organisation wide desktop security policy for Mac OS X.

Download the paper in PDF format here.