Resources · Templates

Templates for GRC teams

Reusable policy, questionnaire, and evidence structures for busy teams.

Vendor Risk6 min read

Vendor risk tiering template

A simple tiering model to decide which vendors need fast review, deep review, or ongoing monitoring.

Read article
Trust Center7 min read

Security questionnaire response template

A reusable structure for answering common buyer diligence questions with less copy-paste effort.

Read article
SOC 27 min read

SOC 2 evidence matrix template

A simple way to track each control, its evidence source, owner, and review cadence before fieldwork starts.

Read article
GDPR6 min read

GDPR vendor review questions for SaaS teams

A practical set of privacy-focused questions to ask subprocessors before approving them.

Read article
ISO 270017 min read

ISO 27001 statement of applicability template

A lightweight way to document which Annex A controls apply, why they apply, and how they are implemented.

Read article
GDPR7 min read

GDPR RoPA template for SaaS products

A practical structure for records of processing activities that product and compliance teams can maintain together.

Read article
HIPAA6 min read

HIPAA business associate review template

A review structure for third parties that can create, receive, maintain, or transmit PHI on your behalf.

Read article
Trust Center6 min read

Trust center content map

A simple framework for deciding what belongs in your trust center, what should be gated, and what should stay internal.

Read article
Audit readiness6 min read

Audit request intake template

A lightweight template for capturing auditor requests, owners, due dates, and evidence status in one place.

Read article