Filter By:



Recent Blogs & Podcasts

Tools & Templates

\ Tools & Templates 

Our collection of tools, toolkits, templates, checklists, matrices and maps provides assistance for tackling specific InfoSec initiatives. Developed by industry experts, these materials offer step-by-step guidance on approaching and completing common tasks.

IANS Tools & Templates

March 22, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Decision-Maker: IaaS Security Controls

For security teams, choosing security controls in the cloud can be daunting at best, and incredibly frustrating at worst. This tool is designed to help security teams make decisions on which solutions and controls make the most sense when moving workloads into IaaS environments.

Read More »

March 7, 2018 | Authentication

 Multi-Factor Authentication (MFA) Checklist

It's clear multi-factor authentication (MFA) offers a far more robust solution than passwords alone for protecting critical systems and data. In this checklist, IANS details the practical steps for choosing and implementing an enterprise-class MFA solution that helps meet regulatory requirements, facilitate realistic business operations and actually stop attacks.

Read More »

February 1, 2018 | Risk Management

 IANS Risk Register Tool (Updated)

Building a Risk Register is a critical undertaking for organizations of all sizes, and there are a number of factors that contribute to its accuracy and success. This tool (updated to include the latest PCI DSS 3.2 requirements) offers a step-by-step guide for identifying risk and harm, calculating exposure and adopting appropriate security controls. 

Read More »

January 30, 2018 | Enterprise and IT Compliance Management

 IANS General Data Protection Regulation (GDPR) Checklist

With all the noise, panic and questions about the EU’s new General Data Protection Regulation (GDPR), it’s difficult to discern the right mix of policies, procedures and technologies to ensure compliance. This checklist helps prioritize the practical steps you can take today to ensure your organization is fully prepared when the ruling comes into full force this May.

Read More »

December 18, 2017 | Security Policies and Strategy

 CISO Impact Firmographic

Security teams of all industries and organization sizes have a pressing need for funding to keep their programs effective. The CISO Impact Firmographic is a benchmarking tool that allows you to compare your security budget and team size to organizations of similar sizes in your industry, and it is based on our research with more than 1,000 information security teams.

Read More »

December 18, 2017 | Vendor and Partner Management

 Vendor Selection Templates

Assessing, qualifying, classifying and managing vendors can be a daunting challenge, but it's critical to an organization's information security strategy. The Vendor Selection Templates offer tips and tricks for assessing a vendor's security posture and ensuring they will be a secure, trustworthy partner. 

Read More »

December 11, 2017 | Security Awareness, Phishing, Social Engineering

 Security Awareness Templates

There's no one-size fits all approach to security awareness, but having a robust, continually evolving program is critical to the success of the information security team. The Security Awareness Program Template and Security Awareness Scorecard give organizations a head start in not only building their security awareness program, but measuring its effectiveness over the long haul. 

Read More »

December 6, 2017 | Security Policies and Strategy

 M&A Security Checklist

The M&A Security Checklist is designed to be a guide to help information security professionals understand the M&A process end-to-end, identify the best places to inject security into the process and determine to-do list items that must be addressed within the deal lifecycle. 

Read More »

November 27, 2017 | Directory Services

 Active Directory Operations RACI Template

The Active Directory (AD) Operations RACI (Responsible, Accountable, Consulted, Informed) Template allows users to assign the tasks and functions that need to be done in the AD world. The Template breaks down the major roles associated with various procedures within the AD realm. 

Read More »

November 16, 2017 | Security Information and Event Management (SIEM) and Log Management

 SIEM Use-Case Checklist

It can be easy to underestimate the time and effort required to effectively operate and manage a SIEM. This detailed, sortable checklist is designed to help organizations determine where they stand on a number of specific SIEM use-case scenarios. 

Read More »