Self-assessments of the system of internal control should be aligned with the risk assessment process and completed at least annually or upon any major change to the...
|
|
Use this template as the one document where your metrics and their definitions live, and update it as needed.
|
|
Identify and manage key stakeholders to improve your relationships within the organization.
|
|
Once you have completed the CISO Stakeholder Power Map activity, use this tool to create a strategy to cultivate your stakeholder relationships, and manage each...
|
|
Looking for a vulnerability scanning tool? Use this Request for Proposal (RFP) template to get you started.
|
|
Use this template to define a formal charter for your Data Classification Steering Committee by clearly listing goals, expectations, and agenda items.
|
|
Use this template to thoroughly outline details of the data classification program, including classification levels, data handling requirements, and disclaimers.
|
|
Use this template to take a lean approach to scoping initiatives during planning stages and tracking its progress during its execution.
|
|
Formalizing a risk management program requires creating repeatable and iterative processes, and documenting best practices. Create a comprehensive manual to serve as the...
|
|
Integrate IT risk management with business risk management by creating a paper trail for key risks.
|
|