Resources

Resource Catalog

Policies, templates, guides, runbooks, and tabletop exercises you can reuse across clients.

How to use this

Filter by resource type, search by title/tags, then download, generate, or view. Later, these can be linked directly to findings inside Risk Workspace.

Blue is for navigation / focus. Orange highlights section titles and primary actions.

Browse resources

Showing 30 of 30

Search by title, summary, or tags. Filter by resource type.

Policies

3 items

Recommended policy resources for client delivery.

Policy

Resource

Information Security Policy

Defines the organization’s approach to protecting information assets, systems, and data across people, process, and technology.

policybaselineCISNIST

Generate →

Policy

Resource

Acceptable Use Policy (AUP)

Baseline acceptable use rules for corporate devices, email, and systems.

policybaselineCISNIST

Generate →

Policy

Resource

AI Acceptable Use Policy

Rules for responsible AI use, approved tools, and data handling for client review.

policyaibaselineCIS

Generate →

Frameworks

10 items

Recommended framework resources for client delivery.

Framework

Resource

NIST CSF 2.0

A risk-based framework to understand, assess, prioritize, and communicate cybersecurity outcomes across Identify, Protect, Detect, Respond, and Recover.

frameworksecurity-postureNISTbaseline

View →

Framework

Resource

CIS Controls v8

A prioritized set of 18 safeguards to reduce the most common cyber risks; practical for SMB and enterprise control implementation.

frameworkcontrol-implementationCISbaseline

View →

Framework

Resource

NIST SP 800-61 Rev. 3

Incident response recommendations and considerations aligned to cybersecurity risk management activities (CSF 2.0 alignment).

frameworkincident-responseNIST

View →

Framework

Resource

ISO/IEC 27001

International standard specifying requirements for an Information Security Management System (ISMS).

frameworkgovernanceISOISMS

View →

Framework

Resource

SOC 2

Assurance reporting framework for service organizations based on Trust Services Criteria (security, availability, processing integrity, confidentiality, privacy).

frameworkcustomer-trustSOC2AICPA

View →

Framework

Resource

MITRE ATT&CK

A knowledge base of adversary tactics and techniques used to drive threat modeling, detection engineering, and threat-informed defense.

frameworkthreat-modelingMITRE

View →

Framework

Resource

NIST AI RMF 1.0

Guidance to manage risks of AI systems and improve trustworthiness across Govern, Map, Measure, and Manage functions.

frameworkai-governanceNISTAI

View →

Framework

Resource

NIST Privacy Framework

A voluntary framework to help organizations identify and manage privacy risk through enterprise risk management.

frameworkprivacyNIST

View →

Framework

Resource

GDPR (Regulation (EU) 2016/679)

EU regulation governing personal data protection and privacy rights, including lawful processing, data subject rights, and accountability obligations.

frameworkprivacyGDPREU

View →

Framework

Resource

ISO 22301

International standard for Business Continuity Management Systems (BCMS) to build resilience and recover from disruptive incidents.

frameworkresilienceISOBCMS

View →

Runbooks

1 items

Recommended runbook resources for client delivery.

Runbook

Resource

Incident Response Quick Runbook

A one-page IR checklist for triage, containment, and communications.

runbookincident-response