What Templates Are Available for My KCM GRC Platform?

We offer a wide variety of managed templates for your use in the KCM GRC platform. While our managed templates are updated on an ongoing basis, please take a look at the version information that we've included from the template's publisher. That way, you can confirm that our template is current for your organization's purposes.

Below you will find an inventory of the managed templates that we currently offer. Please contact your KCM Customer Success Manager if you'd like to add one of these templates to your console. 

JUMP TO: 

A - B - C - D - E - F - G - H - I - L - M - N - O - P - R - S - T - U - V - W

A

• ACCSC Self Evaluation v2015
• American Land Title Association Assessment Procedures v3.0
• Association of Corporate Counsel (ACC) Model Information Protection and Security Controls for Outside Counsel v2017
• Australian Privacy Act v12.2018
• Australian Prudential Standard CPS 234 v7.2019
• Australian Signals Directives Information Security Manual v3.2019*

Back to Top

B

• Bank Secrecy Act Examination Manual v2014
• BDSG - German Federal Data Protection Act v6.2017
• Brazilian Data Protection Law (LGPD) v2018

Back to Top

C

• California Consumer Privacy Act Final Text v12.2020
• California Consumer Privacy Act AB 25 v1.0 (Amendment to California Consumer Privacy Act)
• California Consumer Privacy Act AB 713 v1.0 (Amendment to California Consumer Privacy Act)
• California Consumer Privacy Act AB 1130 v1.0 (Amendment to California Consumer Privacy Act)
• California Consumer Privacy Act AB 1146 v1.0 (Amendment to California Consumer Privacy Act)
• California Consumer Privacy Act AB 1355 v1.0 (Amendment to California Consumer Privacy Act)
• California Consumer Privacy Act AB 1564 v1.0 (Amendment to California Consumer Privacy Act)
• California Consumer Privacy Act AB 1202 v1.0 (Amendment to California Consumer Privacy Act)
• California Proposition 65 v2019
• Canada's Anti-Spam Legislation (CASL) v2019
• Cayman Islands Data Protection Laws v6.2017
• CIS Critical Security Controls Implementation Group 1 7.1
• CIS Critical Security Controls Implementation Group 2 7.1
• CIS Critical Security Controls Implementation Group 3 7.1
• CJIS Security Policy v5.9
• Cloud Computing Compliance Controls Catalogue v9.2017
• Cloud Security Alliance - CCM v3.0.1
• Colorado Data Protection Law v9.2018
• Commonwealth of Virginia Hosted Environment Information Security Standard SEC 525 v04.1
• Commonwealth of Virginia ITRM Standard SEC501 v11.2
• Connecticut Insurance Data Security Law v10.2019
• Customs Trade Partnership Against Terrorism v3.2020
• Cybersecurity Law of the People’s Republic of China v6.2017
• Cybersecurity Maturity Model Certification (CMMC) Level 1 v1.02*
• Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.02*
• Cybersecurity Maturity Model Certification (CMMC) Level 3 v1.02*
• Cybersecurity Maturity Model Certification (CMMC) Level 4 v1.02*
• Cybersecurity Maturity Model Certification (CMMC) Level 5 v1.02*

Back to Top

D

• DFARS NIST 800-171 SA v11.2017

Back to Top

E

• Electricity Subsector Cybersecurity Capability Maturity Model v1.2014

Back to Top

F

• FDA 21CFR11 v4.2019
• FedRAMP High Baseline Controls v6.2020
• FedRAMP LI-SaaS Baseline v6.2020
• FedRAMP Low Baseline Controls v6.2020
• FedRAMP Moderate Baseline Controls v6.2020
• FERPA v12.2011
• FFIEC Cybersecurity Tool 2015
• FFIEC IT Examination Handbook 2016
• Financial Services Sector Coordinating Council (FSSCC) v1.0
• Freedom of Information and Protection of Privacy Act v11.2019

Back to Top

G

• General Data Protection Regulation (GDPR) v1.0*
• Gramm-Leach-Bliley Act Privacy Rule v5.2000
• Gramm-Leach-Bliley Act Safeguard Rule v5.2002

Back to Top

 H

• Higher Education Community Vendor Assessment Tool Lite (HECVAT) v2.11
• HIPAA Privacy and Breach v1.0*
• HIPAA Security Rule v1.0*
• HITECH v1.0*

Back to Top

I

• Illinois Personal Information Protection Act v2019
• Interagency Guidelines - Information Security Standards v8.2013
• International Automotive Task Force - Sanctioned Interpretations v1.2020
• Internet of Things Assessment Questionnaire v3.0
• IRS Publication 1075 v9.2016
• ISO 27001 2013*
• ISO 27001 2013 Annex
• ISO 27002 2013
• ITAR 12.2018

Back to Top

L

• Lexcel England and Wales for In-house Legal Departments v6.1
• Lexcel England and Wales for Legal Practices v6.1
• Lexcel International v5.1

Back to Top

M

• Massachusetts Data Privacy Regulation
• MDSAP - Australia: Therapeutic Goods (Medical Devices) Regulations 2002 v7.2019
• MDSAP - Brazil: RDC (16, 23 and 67) v1.0
• MDSAP - Canada: Medical Devices Regulations v6.2019
• MDSAP - Japan: MHLW MO 169 v2014
• MDSAP - USA: Title 21 Food and Drug Regulation v1.0

Back to Top

N

• NAIC MDL - Insurance Data Security Law 4th Quarter 2017
• National Indian Gaming Commission MCS Audit Checklist v2007
• National Indian Gaming Commission MICS Audit Checklist Information Technology & IT Data v2014
• NERC CIP Cyber Security — BES Cyber System Categorization CIP-002-5.1a *
• NERC CIP Cyber Security — Security Management Controls CIP-003-8 *
• NERC CIP Cyber Security — Personnel & Training CIP-004-6 *
• NERC CIP Cyber Security — Electronic Security Perimeters CIP-005-6 *
• NERC CIP Cyber Security — Physical Security of BES Cyber Systems CIP-006-6 *
• NERC CIP Cyber Security — Systems Security Management CIP-007-6 *
• NERC CIP Cyber Security — Incident Reporting and Response Planning CIP-008-6 *
• NERC CIP Cyber Security — Recovery Plans for BES Cyber Systems CIP-009-6 *
• NERC CIP Cyber Security — Configuration Change Management and Vulnerability Assessments CIP-010-3 *
• NERC CIP Cyber Security — Information Protection CIP-011-2 *
• NERC CIP Cyber Security — Supply Chain Risk Management CIP-013-1 *
• NERC CIP Physical Security CIP-014-2 *
• NCUA ACET v1.0
• New Hampshire Senate Bill 194 v8.2019
• NIST Cybersecurity Framework v1.1*
• NIST Privacy Framework v1.0
• NIST 800-34 Contingency Planning Guide for Federal Information Systems Rev 1
• NIST 800-53 Rev. 5
• NIST 800-53 High Baseline Rev. 5
• NIST 800-53 Moderate Baseline Rev. 5
• NIST 800-53 Low Baseline Rev. 5
• NIST 800-53 Privacy Baseline Rev. 5
• NIST 800-61 Computer Security Incident Handling Guide Rev 2
• NIST SP 800-171 A
• NIST SP 800-171 Appendix E_v2016
• NIST SP 800-171 Rev 2*
• North Carolina Identity Theft Protection Act v2005
• NY DFS Cybersecurity Requirements 2017

Back to Top

O

• OCIE Cybersecurity Initiative 2014
• Office for Civil Rights (OCR) Phase 2 Audit Protocol v7.2018
• OWASP Level 1 v4.0
• OWASP Level 2 v4.0
• OWASP Level 3 v4.0

Back to Top

P

• Payment Application Data Security Standard v3.2
• PCI DSS v3.2.1*
• PCI DSS Self Assessment Questionnaire A v3.2.1*
• PCI DSS Self Assessment Questionnaire A-EP v3.2.1*
• PCI DSS Self Assessment Questionnaire B v3.2.1*
• PCI DSS Self Assessment Questionnaire B-IP v3.2.1*
• PCI DSS Self Assessment Questionnaire C v3.2.1*
• PCI DSS Self Assessment Questionnaire C-VT v3.2.1*
• PCI DSS Self Assessment Questionnaire D Merchants v3.2.1*
• PCI DSS Self Assessment Questionnaire D Service Providers v3.2.1*
• PCI DSS Self Assessment Questionnaire P2PPE v3.2.1*
• PCI DSS Appendix A v3.2.1*
• Personal Information Protection and Electronic Documents Act (PIPEDA) v. SC 2000, c. 5
• Portugal Data Protection Law v1.2019
• Privacy Shield Framework - EU-US v1.0
• Privacy Shield Framework - Swiss-US v2017

Back to Top

R

• Restrictions of Hazardous Substances (EU Directive 2015/863) v3.2015

Back to Top

S

• Sarbanes Oxley Act v7.2002
• SEC OCIE Cybersecurity Examination Initiative 2015
• Secure Controls Framework v2021.1
• Secure Software Lifecycle Requirements and Assessment Procedures v1.0
• Singapore Personal Data Protection Act v11.2012
• South Africa - Protection of Personal Information Act (POPI Act) v7.13.2019
• South Carolina Insurance Data Security Act v3.2018
• SSAE16 SOC2 TSP and Privacy 2017
• SSAE18 SOC2 TSC v3.2020
• Standardized Information Gathering (SIG) Core Full v2021
• Stop Hacks and Improve Electronic Data Security Act (New York SHIELD Act) v5.2019
• SWIFT CSP v2019

Back to Top

T

• Technology Risk Management Checklist Framework - Monetary Authority of Singapore v6.2013
• Telephone Consumer Protection Act v3.2016
• Telephone Consumer Protection Act - Examination Worksheet v3.2016
• Texas Administrative Code §202 - Institutions of Higher Education v2016
• Texas Administrative Code §202 - State Agencies v2016
• Texas House Bill 4390 - Privacy Protection Act v6.2019

Back to Top

U

• UK Cyber Security Essentials v2.1
• UK Anti Bribery Statute Adequate Procedures Checklist v5.2012
• UK Data Protection Act v2018
• UK Data Security and Data Protection Toolkit v20-21
• UK Financial Conduct Authority Handbook v4.2019
• UK HMG Security Policy v1.0
• UK Ministry of Defence - Defence Standard 05-138 Issue 2 Low Profile
• UK Ministry of Defence - Defence Standard 05-138 Issue 2 Moderate Profile
• UK Ministry of Defence - Defence Standard 05-138 Issue 2 High Profile
• UK Public Sector Network Code of Connection v1.31
• United Postal Service Information Security Handbook v11.2019
• US Foreign Corrupt Practices Act v7.2004 
• US Government Auditing Standards v7.2018

Back to Top

V

• VDA - Trusted Information Security Assessment Exchange (TISAX) v4.1.1
• Verified Internet Pharmacy Practice Sites (VIPPS) v1.2020
• Vermont Data Broker Regulation v1.2019
• Virginia House Bill 2178 Minimum Security Standards v1.2020

Back to Top

W

• Water Shutoff Protection Act - California Senate Bill 998 v8.2018

Back to Top