Skip to content

    Compliance- Vorlagen

    Richtlinienvorlagen, Bereitschafts-Checklisten und Bewertungsfragebögen, um Ihr Compliance-Programm schnell zu starten.

    SOC 2

    SOC 2 Readiness Checklist

    A comprehensive checklist covering all Trust Services Criteria to assess your SOC 2 readiness before engaging an auditor.

    General

    Information Security Policy Template

    A foundational security policy template aligned with ISO 27001 and SOC 2 requirements for organizations of any size.

    General

    Incident Response Plan Template

    A structured incident response plan with roles, escalation procedures, communication templates, and post-incident review steps.

    General

    Vendor Risk Assessment Questionnaire

    A standardized questionnaire for evaluating the security posture of third-party vendors and service providers.

    General

    Access Review Procedure Template

    Step-by-step procedures for conducting periodic user access reviews across systems and applications.

    General

    Data Classification Guide

    A guide for classifying data by sensitivity level with handling requirements, labeling standards, and retention rules.

    General

    Business Continuity Plan Template

    A business continuity and disaster recovery planning template with recovery time objectives and testing schedules.

    GDPR

    GDPR Data Processing Impact Assessment Template

    A DPIA template for assessing the privacy risks of data processing activities as required under GDPR Article 35.

    ISO 27001

    ISO 27001 Risk Assessment Template

    Risk register with asset inventory, threat/vulnerability pairing, and treatment planning aligned to ISO 27001.

    CMMC

    CMMC System Security Plan (SSP)

    Level 2 SSP template with system boundary, CUI scope, and NIST 800-171 control implementation statements.

    HIPAA

    HIPAA Security Rule Risk Analysis

    Risk analysis template per 45 CFR 164.308(a)(1) with ePHI inventory and safeguard evaluation.

    Die Vorlagen dienen ausschließlich zu Informationszwecken und stellen keine rechtliche, regulatorische oder professionelle Compliance-Beratung dar. Passen Sie alle Vorlagen an die spezifischen Anforderungen Ihrer Organisation an und konsultieren Sie qualifizierte Fachleute, bevor Sie sich darauf verlassen.

    Benötigen Sie auf Ihre Organisation zugeschnittene Richtlinien?

    Unser Compliance-Team erstellt maßgeschneiderte Richtlinien, die auf Ihre Branche, Ihren Technologie-Stack und Ihre regulatorischen Anforderungen abgestimmt sind.

    Lassen Sie uns sprechen