Every template here was built for a real program, used in production, and refined through audits, board presentations, and live incidents. Download, customize, and deploy.
All 6 templates in one download — the complete toolkit for building or modernizing a GRC, resilience, or ERM program. Saves $150 vs. buying individually.
Every template is a standalone, production-ready document with instructions, examples, and customization notes.
Define ownership, workflows, escalation paths, and governance structures that actually reflect how your org makes decisions.
Quantitative risk scoring with expected-loss methodology, likelihood/impact scales, and board-ready reporting output.
Structured BIA for identifying critical processes, dependencies, RTOs/RPOs, and recovery priorities across your organization.
Tiered vendor assessment covering security, resilience, compliance, and contractual requirements — aligned to NIST and ISO 27001.
End-to-end tabletop exercise design — scenario library, facilitator guide, participant materials, and post-exercise reporting.
Pre-built control library with cross-framework mapping across SOC 2, ISO 27001, NIST CSF, DORA, and FFIEC.
Word (.docx) and Excel (.xlsx) formats, plus a PDF reference version. All fully editable with instructions and completed examples.
They're built to be framework-flexible. Primary references are NIST CSF, ISO 27001, SOC 2, and DORA, but the structures work across financial services, technology, and enterprise organizations of any size.
Yes. A single purchase includes a commercial license for use in your own consulting work. You cannot resell the templates as standalone products.
If you need a template adapted for a specific framework, organization size, or regulatory requirement, get in touch. I offer advisory and customization engagements.