What Templates Are Available for My KCM GRC Platform?

We offer a wide variety of managed templates for your use in the KCM GRC platform. Our team ensures that we have the up-to-date versions of the published framework available for your use. Here is an inventory of our active templates. Please contact your KCM Customer Success Manager if you'd like to add one of these templates to your console.

• ACCSC Self Evaluation v2015
• American Land Title Association Assessment Procedures v2.5
• Association of Corporate Counsel (ACC) Model Information Protection and Security Controls for Outside Counsel v2017
• Australian Signals Directives Information Security Manual v3.2019
• Australian Privacy Act v12.2018
• Australian Prudential Standard CPS 234 v7.2019
• Bank Secrecy Act Examination Manual v2014
• BDSG - German Federal Data Protection Act v6.2017
• Brazilian Internet Law v2018
• California Consumer Privacy Act AB-375_v1.0
• Canada's Anti-Spam Legislation (CASL) v2019
• Cayman Islands Data Protection Laws v6.2017
• CIS Critical Security Controls Implementation Group 1 7.1
• CIS Critical Security Controls Implementation Group 2 7.1
• CIS Critical Security Controls Implementation Group 3 7.1
• CJIS Security Policy v5.8
• Cloud Computing Compliance Controls Catalogue v9.2017
• Cloud Security Alliance - CCM v3.0
• Colorado Data Protection Law v9.2018
• Commonwealth of Virginia Hosted Environment Information Security Standard SEC 525 v03.1
• Commonwealth of Virginia ITRM Standard SEC501 v10.1
• Connecticut Insurance Data Security Law v10.2019
• Customs Trade Partnership Against Terrorism v4.2019
• Cybersecurity Maturity Model Certification DRAFT Level 1 v0.7
• Cybersecurity Maturity Model Certification DRAFT Level 2 v0.7
• Cybersecurity Maturity Model Certification DRAFT Level 3 v0.7
• Cybersecurity Maturity Model Certification DRAFT Level 4 v0.7
• Cybersecurity Maturity Model Certification DRAFT Level 5 v0.7
• DFARS NIST 800-171 SA v11.2017
• Electricity Subsector Cybersecurity Capability Maturity Model v1.2014
• FDA 21CFR11 v4.2016
• FedRAMP High Baseline Controls v8.2018
• FedRAMP LI-SaaS Baseline v8.2018
• FedRAMP Low Baseline Controls v8.2018
• FedRAMP Moderate Baseline Controls v8.2018
• FERPA v12.2011
• FFIEC Cybersecurity Tool 2015
• FFIEC IT Examination Handbook 2016
• Financial Services Sector Coordinating Council (FSSCC) v1.0
• Freedom of Information and Protection of Privacy Act v11.2019
• General Data Protection Regulation (GDPR) v1.0
• Gramm-Leach-Bliley Act Privacy Rule v5.2000
• Gramm-Leach-Bliley Act Safeguard Rule v5.2002
• HIPAA Privacy and Breach v1.0
• HIPAA Security Rule v1.0
• HITECH v1.0
• Illinois Personal Information Protection Act v2019
• Interagency Guidelines - Information Security Standards v8.2013
• Internet of Things Assessment Questionnaire v3.0
• IRS Publication 1075 v9.2016
• ISO 27001 2013
• ISO 27001 2013 Annex
• ISO 27002 2013
• ITAR 12.2018
• Lexcel England and Wales for In-house Legal Departments v6.1
• Lexcel England and Wales for Legal Practices v6.1
• Lexcel International v5.1
• Massachusetts Data Privacy Regulation
• MDSAP - Australia: Therapeutic Goods (Medical Devices) Regulations 2002 v7.2019
• MDSAP - Brazil: RDC (16, 23 and 67) v1.0
• MDSAP - Canada: Medical Devices Regulations v6.2019
• MDSAP - Japan: MHLW MO 169 v2014
• MDSAP - USA: Title 21 Food and Drug Regulation v1.0
• NAIC MDL - Insurance Data Security Law 4th Quarter 2017
• NCUA ACET v1.0
• New Hampshire Senate Bill 194 v8.2019
• NIST Cybersecurity Framework v1.1
• NIST SP 800-171 A
• NIST SP 800-171 Appendix E_v2016
• NIST SP 800-171 Rev 1
• NIST SP 800-53 rev4
• NIST SP 800-53 rev4 High-Impact Baseline rev4
• NIST SP 800-53 rev4 Moderate-Impact Baseline rev4
• NIST SP 800-53 rev4 Low-Impact Baseline rev4
• NIST SP 800-53 Privacy rev4
• North Carolina Identity Theft Protection Act v2005
• NY DFS Cybersecurity Requirements 2017
• OCIE Cybersecurity Initiative 2014
• Office for Civil Rights (OCR) Phase 2 Audit Protocol v7.2018
• OWASP Level 1 v4.0
• OWASP Level 2 v4.0
• OWASP Level 3 v4.0
• PCI DSS v3.2.1
• PCI DSS Self Assessment Questionnaire A v3.2.1
• PCI DSS Self Assessment Questionnaire A-EP v3.2.1
• PCI DSS Self Assessment Questionnaire B v3.2.1
• PCI DSS Self Assessment Questionnaire B-IB v3.2.1
• PCI DSS Self Assessment Questionnaire C v3.2.1
• PCI DSS Self Assessment Questionnaire C-VT v3.2.1
• PCI DSS Self Assessment Questionnaire D Merchants v3.2.1
• PCI DSS Self Assessment Questionnaire D Service Providers v3.2.1
• PCI DSS Self Assessment Questionnaire P2PPE v3.2.1
• PCI DSS Appendix A v3.2.1
• Personal Information Protection and Electronic Documents Act (PIPEDA) v. SC 2000, c. 5
• Portugal Data Protection Law v1.2019
• Privacy Shield Framework - EU-US v1.0
• Privacy Shield Framework - Swiss-US v2017
• Sarbanes Oxley Act v7.2002
• SEC OCIE Cybersecurity Examination Initiative 2015
• Secure Controls Framework v2019.6
• Singapore Personal Data Protection Act v11.2012
• SSAE16 SOC2 TSP and Privacy 2017
• SSAE18 SOC2 TSC (AT-C 105/205)
• SWIFT CSP v2019
• Texas Administrative Code §202 - Institutions of Higher Education v2016
• Texas Administrative Code §202 - State Agencies v2016
• Texas House Bill 4390 - Privacy Protection Act v6.2019
• UK Cyber Security Essentials 2
• UK Data Protection Act v2018
• UK Data Security and Data Protection Toolkit v1.9.6
• UK Financial Conduct Authority Handbook v4.2019
• UK HMG Security Policy v1.0
• UK Ministry of Defence - Defence Standard 05-138 Issue 2 Low Profile
• UK Ministry of Defence - Defence Standard 05-138 Issue 2 Moderate Profile
• UK Ministry of Defence - Defence Standard 05-138 Issue 2 High Profile
• UK Public Sector Network Code of Connection v1.31
• US Government Auditing Standards v7.2018
• VDA - Trusted Information Security Assessment Exchange (TISAX) v4.1.1
• Vermont Data Broker Regulation v1.2019