Governance, Risk & Compliance - Templates & Policies

PCI DSS Compliance Communication Plan

Communication is half the battle with PCI compliance. Securing stakeholder buy-in can sometimes be a challenge. Gain support by using business language and focusing on...

PCI DSS Action Plan

Maintaining your compliance-related information in one central location is key in ensuring the success of your PCI compliance efforts. A primary document not only makes...

Security Metrics Summary Document

Use this template as the one document where your metrics and their definitions live, and update it as needed.

Document Retention Policy

The document retention policy ensures that copies of certain documents for legal, regulatory, and/or operations reasons are made, committing companies to good business...

Removable Media Acceptable Use Policy

The removable media acceptable use policy defines the standards, procedures, and restrictions for end users who have legitimate business requirements to connect portable...

Instant Messaging Usage and Security Policy

The instant messaging usage and security policy outlines the standards for the usage of, and security controls associated with, corporate instant messaging.

Administrative Rights Policy

The administrative rights policy grants access to individuals’ desktop, laptop, or other end-user devices within a company for those who are qualified and cleared to use...

Risk Management Program Manual

Formalizing a risk management program requires creating repeatable and iterative processes, and documenting best practices. Create a comprehensive manual to serve as the...

Risk Event Action Plan

Integrate IT risk management with business risk management by creating a paper trail for key risks.

Risk Report

Create a succinct, impactful document that summarizes the outcomes from the risk assessment and highlights the IT risk council’s top recommendations to the senior...