Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Română Русский svenska Kiswahili ไทย Türkçe Українська Tiếng Việt 简体中文 中文 (香港) 繁體中文

KCM GRC: Managed Templates

Avatar
Jessica Goheen
Updated
Follow

What Templates Are Available for My KCM GRC Platform?

We offer a wide variety of managed templates for your use in the KCM GRC platform. While our managed templates are updated on an ongoing basis, please take a look at the version information that we've included from the template's publisher. That way, you can confirm that our template is current for your organization's purposes. 

Note: For several of our managed templates, we offer guidance for requirements within the framework. Guidance provides information that will help you create controls that will satisfy requirements. The managed templates that contain guidance have an asterisk (*) next to the name in the list below. To learn more about guidance, please see our Working With Control Guidance article.

Below you will find an inventory of the managed templates that we currently offer. Please contact your KCM Customer Success Manager if you'd like to add one of these templates to your console.

JUMP TO: 

A - B - C - D - E - F - G - H - I - L - M - N - O - P - R - S - T - U - V - W

A

  • American Land Title Association Assessment Procedures v3.0
  • Association of Corporate Counsel (ACC) Model Information Protection and Security Controls for Outside Counsel v2017
  • Australian Privacy Act v2.2021
  • Australian Prudential Standard CPS 234 v7.2019
  • Australian Signals Directives Information Security Manual v4.2021

Back to Top

B

  • Bank Secrecy Act Examination Manual v2014
  • BDSG - German Federal Data Protection Act v6.2017
  • Brazilian Data Protection Law (LGPD) v2018

Back to Top

C

  • California Consumer Privacy Act Final Text v3.2021
  • California Consumer Privacy Act AB 25 v1.0 (Amendment to California Consumer Privacy Act)
  • California Consumer Privacy Act AB 713 v1.0 (Amendment to California Consumer Privacy Act)
  • California Consumer Privacy Act AB 1130 v1.0 (Amendment to California Consumer Privacy Act)
  • California Consumer Privacy Act AB 1146 v1.0 (Amendment to California Consumer Privacy Act)
  • California Consumer Privacy Act AB 1355 v1.0 (Amendment to California Consumer Privacy Act)
  • California Consumer Privacy Act AB 1564 v1.0 (Amendment to California Consumer Privacy Act)
  • California Consumer Privacy Act AB 1202 v1.0 (Amendment to California Consumer Privacy Act)
  • California Proposition 65 v2019
  • Canada's Anti-Spam Legislation (CASL) v2019
  • CIS Critical Security Controls Implementation Group 1 v8
  • CIS Critical Security Controls Implementation Group 2 v8
  • CIS Critical Security Controls Implementation Group 3 v8
  • CJIS Security Policy v5.9
  • Cloud Computing Compliance Controls Catalogue v2020
  • Cloud Security Alliance - Cloud Controls Matrix v4.0.1
  • Colorado Data Protection Law v9.2018
  • Commonwealth of Virginia Hosted Environment Information Security Standard SEC 525 v04.1
  • Commonwealth of Virginia ITRM Standard SEC501 v11.3
  • Connecticut Insurance Data Security Law v10.2020
  • Customs Trade Partnership Against Terrorism - Third Party Logistics Providers (3PL) v3.2020
  • Cybersecurity Law of the People’s Republic of China v6.2017
  • Cybersecurity Maturity Model Certification (CMMC) Level 1 v1.02*
  • Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.02*
  • Cybersecurity Maturity Model Certification (CMMC) Level 3 v1.02*
  • Cybersecurity Maturity Model Certification (CMMC) Level 4 v1.02*
  • Cybersecurity Maturity Model Certification (CMMC) Level 5 v1.02*

Back to Top

D

  • DFARS NIST 800-171 SA v11.2017

Back to Top

E

  • Electricity Subsector Cybersecurity Capability Maturity Model v1.2014

Back to Top

F

  • FDA 21CFR11 v4.2019
  • FedRAMP High Baseline Controls v6.2020
  • FedRAMP LI-SaaS Baseline v6.2020
  • FedRAMP Low Baseline Controls v6.2020
  • FedRAMP Moderate Baseline Controls v6.2020
  • FERPA v12.2011
  • FFIEC Cybersecurity Tool 2015
  • FFIEC IT Examination Handbook 2016
  • Freedom of Information and Protection of Privacy Act v11.2019

Back to Top

G

  • General Data Protection Regulation (GDPR) v1.0*
  • Gramm-Leach-Bliley Act Privacy Rule v5.2000
  • Gramm-Leach-Bliley Act Safeguard Rule v5.2002

Back to Top

 H

  • Higher Education Community Vendor Assessment Tool Lite (HECVAT) v2.11
  • HIPAA Privacy and Breach v1.0*
  • HIPAA Security Rule v1.0*
  • HITECH v1.0*

Back to Top

I

  • Illinois Personal Information Protection Act v2019
  • International Traffic in Arms Regulations (ITAR) v4.2021
  • Interagency Guidelines - Information Security Standards v8.2013
  • Internet of Things Assessment Questionnaire v3.0
  • IRS Publication 1075 v8.2020
  • ISO 27001 2013*
  • ISO 27001 2013 Annex
  • ISO 27002 2013

Back to Top

L

  • Lexcel England and Wales for In-house Legal Departments v6.1
  • Lexcel England and Wales for Legal Practices v6.1
  • Lexcel International v5.1

Back to Top

M

  • Massachusetts Data Privacy Regulation
  • MDSAP - Brazil: RDC (16, 23 and 67) v1.0
  • MDSAP - Canada: Medical Devices Regulations v6.2019

Back to Top

N

  • NAIC MDL - Insurance Data Security Law 4th Quarter 2017
  • National Indian Gaming Commission MCS Audit Checklist v2007
  • National Indian Gaming Commission MICS Audit Checklist Information Technology & IT Data v2014
  • NERC CIP Cyber Security — BES Cyber System Categorization CIP-002-5.1a *
  • NERC CIP Cyber Security — Security Management Controls CIP-003-8 *
  • NERC CIP Cyber Security — Personnel & Training CIP-004-6 *
  • NERC CIP Cyber Security — Electronic Security Perimeters CIP-005-6 *
  • NERC CIP Cyber Security — Physical Security of BES Cyber Systems CIP-006-6 *
  • NERC CIP Cyber Security — Systems Security Management CIP-007-6 *
  • NERC CIP Cyber Security — Incident Reporting and Response Planning CIP-008-6 *
  • NERC CIP Cyber Security — Recovery Plans for BES Cyber Systems CIP-009-6 *
  • NERC CIP Cyber Security — Configuration Change Management and Vulnerability Assessments CIP-010-3 *
  • NERC CIP Cyber Security — Information Protection CIP-011-2 *
  • NERC CIP Cyber Security — Supply Chain Risk Management CIP-013-1 *
  • NERC CIP Physical Security CIP-014-2 *
  • NCUA ACET v1.0
  • New Hampshire Senate Bill 194 v8.2019
  • NIST Cybersecurity Framework v1.1*
  • NIST Privacy Framework v1.0
  • NIST 800-34 Contingency Planning Guide for Federal Information Systems Rev 1
  • NIST 800-53 Rev. 5
  • NIST 800-53 High Baseline Rev. 5
  • NIST 800-53 Moderate Baseline Rev. 5
  • NIST 800-53 Low Baseline Rev. 5
  • NIST 800-53 Privacy Baseline Rev. 5
  • NIST 800-61 Computer Security Incident Handling Guide Rev 2
  • NIST SP 800-171A v6.2018 
  • NIST SP 800-171 Appendix E_v2016
  • NIST SP 800-171 Rev 2 v1.2021*
  • North Carolina Identity Theft Protection Act v2005
  • NY DFS Cybersecurity Requirements 2017

Back to Top

O

  • OCIE Cybersecurity Initiative 2014
  • Office for Civil Rights (OCR) Phase 2 Audit Protocol v7.2018
  • OWASP Level 1 v4.0.2
  • OWASP Level 2 v4.0.2
  • OWASP Level 3 v4.0.2

Back to Top

P

  • Payment Application Data Security Standard v3.2
  • PCI DSS v3.2.1*
  • PCI DSS Self Assessment Questionnaire A v3.2.1*
  • PCI DSS Self Assessment Questionnaire A-EP v3.2.1*
  • PCI DSS Self Assessment Questionnaire B v3.2.1*
  • PCI DSS Self Assessment Questionnaire B-IP v3.2.1*
  • PCI DSS Self Assessment Questionnaire C v3.2.1*
  • PCI DSS Self Assessment Questionnaire C-VT v3.2.1*
  • PCI DSS Self Assessment Questionnaire D Merchants v3.2.1*
  • PCI DSS Self Assessment Questionnaire D Service Providers v3.2.1*
  • PCI DSS Self Assessment Questionnaire P2PPE v3.2.1*
  • PCI DSS Appendix A v3.2.1*
  • Personal Information Protection and Electronic Documents Act (PIPEDA) v. SC 2000, c. 5
  • Portugal Data Protection Law v1.2019

Back to Top

R

  • Restrictions of Hazardous Substances (EU Directive 2015/863) v6.2021

Back to Top

S

  • Sarbanes Oxley Act v7.2002
  • SEC OCIE Cybersecurity Examination Initiative 2015
  • Secure Controls Framework v2021.1
  • Secure Software Lifecycle Requirements and Assessment Procedures v1.1
  • Singapore Personal Data Protection Act v6.2021
  • South Africa - Protection of Personal Information Act (POPI Act) v7.13.2019
  • South Carolina Insurance Data Security Act v3.2018
  • SSAE18 SOC2 TSC v3.2020
  • Standardized Information Gathering (SIG) Core Full v2021
  • Stop Hacks and Improve Electronic Data Security Act (New York SHIELD Act) v5.2019

Back to Top

T

  • Technology Risk Management Checklist Framework - Monetary Authority of Singapore v1.2021
  • Telephone Consumer Protection Act v3.2016
  • Telephone Consumer Protection Act - Examination Worksheet v3.2016
  • Texas Administrative Code §202 - Institutions of Higher Education v2016
  • Texas Administrative Code §202 - State Agencies v2016
  • Texas House Bill 4390 - Privacy Protection Act v6.2019

Back to Top

U

  • UK Cyber Security Essentials v2.2
  • UK Anti Bribery Statute Adequate Procedures Checklist v5.2012
  • UK Data Protection Act v2018
  • UK Data Security and Data Protection Toolkit v20-21
  • UK Defence Cyber Protection Partnership (DCPP) v06.2020 Low Profile
  • UK Defence Cyber Protection Partnership (DCPP) v06.2020 Moderate Profile
  • UK Defence Cyber Protection Partnership (DCPP) v06.2020 High Profile
  • UK Public Sector Network Code of Connection v1.31
  • US Foreign Corrupt Practices Act v7.2004 
  • US Government Auditing Standards v4.2021

Back to Top

V

  • VDA - Trusted Information Security Assessment Exchange (TISAX) v5.0.4
  • Vermont Data Broker Regulation v1.2019
  • Virginia House Bill 2178 Minimum Security Standards v1.2020

Back to Top

W

  • Water Shutoff Protection Act - California Senate Bill 998 v8.2018

Back to Top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles