We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:



Recent Blogs & Podcasts

Tools & Templates

\ Tools & Templates


Our collection of tools, toolkits, templates, checklists, matrices and maps provides assistance for tackling specific InfoSec initiatives. Developed by industry experts, these materials offer step-by-step guidance on approaching and completing common tasks.

IANS Tools & Templates

December 18, 2017 | Security Policies and Strategy

 CISO Impact Firmographic

Security teams of all industries and organization sizes have a pressing need for funding to keep their programs effective. The CISO Impact Firmographic is a benchmarking tool that allows you to compare your security budget and team size to organizations of similar sizes in your industry, and it is based on our research with more than 1,000 information security teams.

Read More »

December 18, 2017 | Vendor and Partner Management

 Vendor Selection Templates

Assessing, qualifying, classifying and managing vendors can be a daunting challenge, but it's critical to an organization's information security strategy. The Vendor Selection Templates offer tips and tricks for assessing a vendor's security posture and ensuring they will be a secure, trustworthy partner. 

Read More »

December 11, 2017 | Security Awareness, Phishing, Social Engineering

 Security Awareness Templates

There's no one-size fits all approach to security awareness, but having a robust, continually evolving program is critical to the success of the information security team. The Security Awareness Program Template and Security Awareness Scorecard give organizations a head start in not only building their security awareness program, but measuring its effectiveness over the long haul. 

Read More »

December 6, 2017 | Security Policies and Strategy

 M&A and Divestiture Security Checklists

These checklists are designed to be a guide to help information security professionals understand the M&A and divestiture processes end-to-end, identify the best places to inject security and determine to-do list items that must be addressed within the deal lifecycle. 

Read More »

November 27, 2017 | Directory Services

 Active Directory Operations RACI Template

The Active Directory (AD) Operations RACI (Responsible, Accountable, Consulted, Informed) Template allows users to assign the tasks and functions that need to be done in the AD world. The Template breaks down the major roles associated with various procedures within the AD realm. 

Read More »

November 16, 2017 | Security Information and Event Management (SIEM) and Log Management

 SIEM Use-Case Checklist

It can be easy to underestimate the time and effort required to effectively operate and manage a SIEM. This detailed, sortable checklist is designed to help organizations determine where they stand on a number of specific SIEM use-case scenarios. 

Read More »

November 13, 2017 | Enterprise and IT Compliance Management

 HIPAA Risk Assessment Template

The Health Insurance Portability and Accountability Act (HIPAA) Risk Assessment Template is designed to help organizations remain compliant with HIPAA. It describes a thorough risk analysis process organizations can take and identifies which supporting documents should be included as appendices.

Read More »

November 1, 2017 | Threat Intelligence and Modeling

 IANS Threat Modeling Tool

Threat modeling methodologies have existed for years in many forms, but there hasn't always been a simple and time-effective way to operationalize them. The IANS Threat Modeling Tool is designed to help jumpstart and evolve your organization's risk management efforts. 

Read More »

October 31, 2017 | Security Policies and Strategy

 Comprehensive Security Policy Generator

One of the best ways to construct a set of comprehensive information security policies is to start with the control categories laid out in ISO 27001 Annex A (also known as ISO 27002), and then describe what infosec policies apply to each of the controls. This document does just that, giving organizations the power to measure their current policies against this framework or develop new ones that align with the full scope of the ISO 27002 controls. 

Read More »

October 30, 2017 | Architecture, Configuration and Segmentation

 Internal Network Monitoring Solution Request-for-Proposal (RFP) Template

When creating a request for proposal (RFP) of any kind, the purpose is to ensure prospective vendors can check all of the necessary boxes. This document provides a comprehensive RFP template specifically designed for organizations seeking an internal network monitoring solution.

Read More »