Templates

Practice the real work of GRC.

These templates mirror what analysts use on the job. Download any template, fill it in as a practice exercise, and bring it to your portfolio.

The central log analysts use to track inherent and residual risk, owners, treatments, and target dates.

A practical questionnaire for the Due Diligence phase of the vendor lifecycle, covering data, controls, BC/DR, and compliance.

Compare current vs target state across Govern, Identify, Protect, Detect, Respond, Recover with priority and owners.

A clean one-page policy template you can adapt for any standard or framework requirement.

Detection through Lessons Learned, with checkbox items for every phase of an incident.