Free security templates

NIST CSF regulatory mappings


Requirements mapping template

  • Business and regulatory requirements for the health clinic example
  • Security requirements for the health clinic example, based on Business and regulatory requirements

Security measures mapping template

  • Mapping security requirements to NIST CSF Sub-categories

Security measures mapping visualization template

  • Visualizing requirements to security measures mapping
  • Visualizing security measures to NIST CSF, and cloud responsibility mapping

Risk assessment template

  • Methodology
  • Assessment
  • Risk matrix
  • Mapping to NIST CSF

Cloud security strategy template

  • Business objectives
  • External drivers
  • Risk
  • Cloud adoption principles
  • Goals

Defense in depth assessment template

  • Requirements + description
  • NIST CSF categories

Defense in depth circle template

  • Visual representation of all architectural layers
  • Visual representation of NIST CSF functions

GDPR mapping visualization template

  • NIST CSF sub-category visualization
  • GDPR mapping visualization

HIPAA mapping visualization template

  • NIST CSF sub-category visualization
  • HIPAA mapping visualization

NIST CSF compliance mappings

  • NIST CSF Core to HIPAA mapping
  • NIST CSF Core and NIST CSF Privacy framework to GDPR mapping

Security architecture specification

  • Methodology
  • Business and regulatory requirements
  • Strategy and goals
  • Security requirements
  • Risk and mitigation
  • Compliance
  • Security measures and resilience

Security policy template

  • Scope of applicability
  • Target audience
  • Policy statements
  • Roles and responsibilities
  • Compliance metric objective

Security directives template

  • Business objectives for security
  • Scope
  • Security objectives
  • Principles
  • Roles and responsibilities

Security standard template

  • Scope of applicability
  • Control statements
  • Compliance monitoring
  • Background information
  • Roles and responsibilities

Cloud security governance framework

  • Direct
  • Monitor
  • Evaluate