I ran into this issue today while trying to run the Microsoft BPA (Best Practices Analyzer) 2.3 on a Windows Server 2012 R2 box with IIS 8.5 installed. Below is the full text of the error:
"Unable to scan IIS status - The IIS Common Files are not installed on the local computer. Refer to the system requirements list under the Microsoft Business Security Analyzer Help."
Here's the short fix:
Go back into Roles and under Web Server (IIS) and install IIS 6 Management Compatibility --> IIS 6 Metabase Compatibility.
Apparently from what I find this is a Windows Server 2003 item that hasn't been updated in the current server platform documentation on the MBSA to reflect the need for this additional set of files.
The longer explanation is that in order for the MBSA to be able to scan IIS properly it needs to have IIS 6 Management Compatibility turned on and more specifically the IIS 6 Metabase Compatibility.
I hope this one helps as it took me quite a bit of research to run this issue down.