Compliance Templates
Audit-ready compliance frameworks and checklists
SOC 2 Readiness Accelerator
20-tab SOC 2 program covering assessment through Type 2 audit — 100+ controls, 35 required policies, 7 pre-populated operational logs, and an executive dashboard with three auto-calculated readiness metrics.
HIPAA Readiness Accelerator
23-tab HIPAA compliance workbook built for the 2026 Final Rule — covers all current safeguards plus the 12 new mandatory requirements, IoMT risk, BAA management, breach notification matrix, and a dedicated 2026 gap analysis tab.
ISO 27001:2022 Readiness Accelerator
20-tab ISMS implementation workbook for ISO 27001:2022 — all 93 Annex A controls across 4 themes, 11 new 2022 controls, Clauses 4–10 ISMS framework, transition gap analysis from 2013, and policy library.
PCI DSS v4.0.1 Readiness Accelerator
12-tab PCI DSS v4.0.1 workbook — all 12 requirement domains, SAQ type selector, 51 future-dated requirements tracker, e-commerce script security controls, and QSA-ready evidence register. Built for the March 2025 mandatory transition.
CMMC 2.0 Readiness Accelerator
12-tab CMMC 2.0 workbook — all 110 NIST 800-171 practices with DoD SPRS weights, auto-calculated SPRS score, Level determination decision tree, SSP builder, POA&M tracker, and C3PAO readiness checklist. Built for the November 2026 Phase 2 deadline.
DORA + NIS2 EU Compliance Workbook
14-tab EU regulatory compliance workbook covering all 5 DORA pillars, NIS2 Article 21 measures, dual framework applicability decision tree, penalty calculator (2% DORA / €10M NIS2), and cross-framework mapping across 17 control domains.
NIST CSF 2.0 Self-Assessment Workbook
14-tab NIST CSF 2.0 workbook — all 106 Subcategories with verbatim NIST.CSWP.29 outcome statements, Current/Target tier dropdowns, Organizational Profile Generator, heatmap, gap analysis pre-seeded with 12 high-gap 2026 scenarios, and crosswalks to SP 800-53r5, SP 800-171r3, CIS Controls v8.1, and ISO 27001:2022.
GDPR & DPIA Compliance Workbook
20-tab GDPR compliance workbook — Controller ROPA, Processor ROPA, DSR log with 30-day SLA tracking, 72-hour breach deadline calculator, TIA template, DPF certification tracker, and DPIA template with WP29 9-factor trigger test. Updated for the April 2026 research baseline.
2026 US Privacy Program Workbook
17-tab US state privacy compliance workbook covering the 20-state wave — CCPA/CPRA, MODPA, VCDPA, CPA, and 16 more — with auto-generated obligation matrix, DSR tracker, consent management log, ADMT register, and enforcement reference.
SOC 2 Readiness Checklist (Type I & II)
The key controls, evidence items, and policy gaps auditors check at every SOC 2 engagement — organized by Trust Services Criteria with a pre-audit readiness rating.
HIPAA Compliance Checklist 2026
Updated for the 2026 Security Rule Final Rule — covers all 12 new mandatory requirements plus the core Administrative, Physical, and Technical safeguards in a single actionable checklist.