Security Resources & Templates
Battle-tested templates, frameworks, and checklists from our consulting engagements. Built for security teams that need to move fast without cutting corners.
Compliance Templates
3 resources available
HIPAA Compliance Checklist
45-point checklist mapping HIPAA Administrative, Physical, and Technical Safeguards to NIST SP 800-66r2 and the 2025 HHS proposed Security Rule update.
PCI-DSS Self-Assessment Questionnaire Guide
Step-by-step guide to completing your SAQ with common pitfalls and remediation strategies.
SOC 2 Type II Readiness Assessment
Pre-audit readiness template covering all 5 Trust Service Criteria with gap analysis framework.
Security Frameworks
3 resources available
Zero Trust Architecture Implementation Roadmap
Phased Zero Trust adoption plan grounded in NIST SP 800-207 and CISA's Zero Trust Maturity Model v2.0, with a maturity scorecard for SMB-scale teams.
NIST Cybersecurity Framework Mapping Template
Map your current controls to NIST CSF categories. Identify gaps and prioritize investments.
Risk Assessment Methodology Guide
Quantitative and qualitative risk assessment templates with scoring matrices and heat maps.
Incident Response
3 resources available
Incident Response Plan Template
Editable IR plan covering preparation, detection, containment, eradication, recovery, and post-incident review — aligned to NIST SP 800-61r3.
Ransomware Response Playbook
Step-by-step playbook for ransomware incidents including communication templates and decision trees.
Business Email Compromise (BEC) Response Guide
Detection indicators, containment procedures, and financial recovery steps for BEC attacks.
Policy Templates
3 resources available
Information Security Policy Suite
10 essential security policies including Acceptable Use, Data Classification, Access Control, and more.
Vendor Risk Management Program
Third-party risk assessment questionnaire, scoring criteria, and ongoing monitoring framework.
Employee Security Awareness Program
12-month training calendar, phishing simulation plan, and metrics tracking dashboard.
Need Something Custom?
These templates are a starting point. Every organization is different. Let's build a security program tailored to your specific industry, size, and risk profile.
Not sure where to start? Take the 2-minute assessment and we'll point you at the right resource.