Download Best Practices and Standards to add expert guidance to your digital work
Improve Cyber Security Management >
NIST Framework for Improving Critical Infrastructure Cybersecurity
NIST IT Supply Chain Risk Management
NIST Cyber Security Capability Maturity Model
UK Government Cyber Essentials
UK Government Cyber Essentials Plus
Process for Improving Cyber Security Management
Improve Security of Application Development >
NIST Taxonomy and Terminology of Adversarial Machine Learning
5.7.6.2.5 - NIST Failure Mode Analysis in Machine Learning
OWASP Application Security Verification Standard
NIST Digital Identity Guidelines
NIST Security of Web Services
NIST Reducing Software Vulnerabilities
Improve IT Infrastructure & Network Security >
ITIL Service Standards and Processes
NIST Security and Privacy Controls
NIST Server Security
NIST Securing Public Web Servers
NIST Electronic Mail Security
NIST Security of Voice Over IP Systems
NIST Securing Wireless Networks
NIST Securing Wireless Local Area Networks
NIST Security of IPsec VPNs
NIST Security of Virtualization Technologies
NIST Security for Hypervisor Deployment
NIST Security-Focused Configuration Management
NIST IT Asset Management
Storage Area Networks
IETF Robust Inter-Domain Routing Standard
SOC 2 Data Centre Operations Security
Enterprise Architecture Principles
Information Security Capability Model
Improve CISO Security Services >
NIST Data-Centric System Threat Modeling
NIST Intrusion Detection and Prevention Systems
FIPS Data Encryption at Rest Standards
NIST for Key Management
NIST Cryptographic Key Management Systems
NIST Security of Hash, Random Number and Digital Signature Algorithms
NIST Application Container Security
NIST Security of Linux Containers
NIST Test Methods for Access Control
NIST Recovering from Ransomware and Other Destructive Events
NIST Cybersecurity Event Recovery Best Practice
Cyber Attack Emergency Exercise Training >
NIST Cyber Attack Incident Recovery
Cyber Attack Vectors and Scenarios
Incident Response Process
IT and Cyber Security Asset Register
IT and Cyber Security Asset Register - Medium Complexity
IT and Cyber Security Asset Register - High Complexity
Cyber Security experts - Competency Ratings
Ethical Hacking and Penetration Testing
Business Continuity Process
Crisis Management Process
Cyber and IT Policy, ISO27001 Controls
Cyber Security Insurance
Data Protection Officer Content and Tools >
Data Protection Impact Assessment
Data Mapping and Flows
Data Protection Policies and Procedures
Subject Access Request
Breach Notification Register
NIST Protecting Controlled Information
NIST Mapping Information Systems to Security Categories
NIST Security and Privacy Controls
NIST Digital Identity Guidelines
NIST Test Methods for Access Control
NIST Security in System Development
NIST Penetration Testing and Assessment
NIST Guidelines for Media Sanitization
NIST Supply Chain Risk
NIST Data-Centric Threat Modelling
NIST Cloud Computing Forensics
NIST Recovering from Ransomware and Other Destructive Events
NIST Computer Security Incident Handling
NIST Cybersecurity Event Recovery
Cyber attack and data exfiltration blueprints >
Attacks on compiled software without source code
Anti-forensic techniques
Automated probes and scans
Automated widespread attacks
Cyber-threats with bullying
Distributed attack tools
Email propagation of malicious code
Executable code attacks against browsers
Exploiting infrastructure software vulnerabilities
Fully undetectable software or noise
GUI intrusion tools
Internet social engineering attacks
Network sniffers
Packet spoofing
Session-hijacking
Sophisticated botnet command and control attacks
"Stealth" and other advanced scanning techniques
Targeting of specific users using user data
Wide-scale trojan distribution
Widespread attacks on DNS infrastructure
Windows-based remote access trojans
Widespread attacks using NNTP to distribute attack
Widespread, distributed denial-of-service attacks
Wide-scale use of worms
Conduct Cyber Penetration Test >
NIST Penetration Testing and Assessment
1. Enumerating the Servers
2. IPs on Servers
3. Host Status & Data
4. Logical Map of relationships
6. System Vulnerabilities
7. Wifi Hacking
8. Web Application Security
9. Password Cracking
10. Break in, Hunt for Files
11. Pass the Hash Authentication
12. Client Side Attacks
13. Network Resilience
14. Switches and Hubs
15. Reconnection Testing
16. Database exploitation
Improve Risk Management in Financial Services >
NIST IT Asset Management Financial Services
Principles for effective risk data aggregation and reporting, BCBS 239
MiFID II and MiFIR Implementation Technical Standards
OTC Derivatives Margin Requirements, BCBS 261
Credit Risk in Banks and Financial Institutions
Treating Customers Fairly in Financial Services
Market Abuse Regulations
Risks to executives from regulatory attestations
Assess Payment Card Industry Data Security >
Payment Card Industry Data Security Standard (PCI DSS)
PCI Supplementary requirements Code Reviews and Application Firewalls
PCI Supplement requirements Wireless Guidelines
PCI Supplementary Requirements for Penetration Testing
NIST Card Application and Middleware Interface Test
NIST Security and Privacy Controls PCI DSS
Improve 'Internet of Things' Design and Build >
NIST Network of ‘Things’
NIST IOT Edge Computing Conceptual Model
NIST Platform Firmware Resiliency Guidelines
Step 1 – Understand topology for IOT Elements
Step 2 – Assess Cybersecurity for Cyber Physical Systems
Step 3 – Convert IoT assessment to a business case assessment
Programme & Project Management Standards >
Programme Management (MSP)
Project Management (Prince2)
Project Management (PMI)
Finance Transformation
Agile Project Management
Implement Security through Cloud Computing >
NIST Evaluation of Cloud Computing Services
NIST Cloud Computing Reference Architecture
NIST Security and Privacy in Public Cloud Computing
Controlling SaaS Environments from an IT Viewpoint
Data Services Transformation
Assess IT & Application Estate and Opportunities
Compute Transformation
Network Services Transformation
Application & Development Process Transformation
Application Services Transformation
Security Transformation
Business Intelligence & Machine learning
Contract Alignment & Operationalisation
Improve Enterprise Data Management >
Ontology, Semantic and Conceptual Data Modeling
Enterprise Data Quality Standard
eDiscovery
Enterprise Data Standards Setting Process
Improve Industrial Control Systems >
NIST Industrial Control System Security
Community Emergency Response
Improve Cyber Risks in Healthcare >
NIST Securing Wireless Infusion Pumps
Management of Medical Equipment
Managing Biological Risks in Laboratories
Control of Substances Hazardous to Health
General Data Protection Regulation Implementation >
General Data Protection Regulations, GDPR
1. Carry out GDPR Gap Analysis
2. Implement GDPR Management Oversight
3. Implement Business process for Compliance
4. Implement Heightened citizen rights
European Union - Network and Information Security Directive
United States - Cyber Security Regulation
UK - Investigatory Powers Bill
Evaluate Blockchain Use Cases and Risks >
Blockchain Technology Use Cases
Blockchain Application Testing and Assurance
Conduct Cyber Security Audit >
NIST Auditing Security and Privacy Controls
Audit - Application and Software
Audit - Data and Storage
Audit - Network
Audit - End User Devices
Audit - Computer and Data Centre
Audit - Tools and Configuration
Audit - Physical Security
Quantify Cyber Risk with Monte Carlo >
Calculate Cyber Risk in Financial Terms
Calculate Insurance coverage using Monte Carlo
Calculate Company operational risk using Monte Carlo
Calculate risk for Regulatory purposes using Monte Carlo
Cyber Security Line of Defence Assessment >
1st Line of Defense Attacks - People
2nd Line of Defense Attacks - Network Boundary
3rd Line of Defense Attacks - Internal
4th Line of Defense Attacks - Supply Chain Vulnerabilities
Improve Software Development for Cyber Resilience >
Dev Ops Assessment
Software Testing during Development
Software Development in Aviation
Software Development
Application Modernisation and Architecture Blueprints >
Digital First Strategies
Customer facing application blueprints
Enterprise management application blueprints
Enterprise data management blueprints
Blueprints for new enterprise cloud capabilities
Resilience Blueprints
Transformation of ERP to Cloud >
Oracle e-Business Suite
SAP Business One
Microsoft Dynamics
NetERP from NetSuite
SAGE
Infor Global Solutions
Business & Process Re-engineering
Solution & Enterprise Architecture
Programme & Transformation Management
Improve the Integration of Business Processes >
Customer Strategy & Relationships Marketing
Quality, Process Improvement & Change Management
Financial Analysis, Reporting & Capital Management
Customer Acquisition & Sales
Product Development
Product and Service Delivery
Accounting Management
Technology and IT Management
Credit Risk Control framework
Market Risk Control Framework
Building Management >
Audit of a Commercial Building
Maintenance of Flats
Managing asbestos in buildings
Protection of Buildings from Fire
Village Hall
Managing Legal & Regulatory Risk >
Scenario Test Contracts against unforeseen events
UK Data Protection Regulations 1998
Contract Obligation Analysis (Template)
Anti Bribery Act
Risk based Legal Case builder
Sarbanes-Oxley Act Top Down Risk
Individual Accountability in Financial Services CP15/9 : Rules for Managers
Human Rights
Strategy, Innovation and Risk Transfer Methods >
Innovation Methods and Invention Processes (TRIZ)
Decision Making Under Uncertainty
Real option investment analysis
Business Model Fragility
Enterprise Resource Planning Best Practices
Vendor Risk Management
IT Outsourcing
Doing Business Abroad
Corporate Tax Strategy and Planning
Brexit Analysis & Business Reviews >
Quick Start Questionnaire
Business Process for a Risk Review
Government Process for Exit, Risks & Opportunities
Areas of Law Affected, Risks & Opportunities
International Business, Trade Agreements, Risk and Opportunities
Supply Chain, Risks & Opportunities
Data Protection & Cyber Security
Availability of International Staff
Sales, Customers, Products, Services and Contracts
Deals, Investments, Credit and Finance
Organisation and Human Resources
Contingency Planning and Exercises
Analyse and Report Trading Risks >
Equities Trading on Emerging Markets
Equities Trading on Emerging Markets with Controls
Forex Code and Best Practice
Futures Trading
Improve Skills & Organisational Capabilities >
Social Networking
Human Resources
Events involving the public
Sarbanes–Oxley Act Compliance >
PCAOB Accounting Standard 5. Step 1 - Financial Statement Analysis
ISAE 3402 - Assurance Controls at a Service Organization
PCAOB Accounting Standard 5. Step 2 - Business Process Analysis
PCAOB Accounting Standard 5. Step 3 - Assertion Analysis
PCAOB Accounting Standard 5. Step 4 - Process Risk Analysis
Improve your Programme Management Office >
PMO Requirements
PMO Standards
PMO Processes
Aviation >
Software in Airborne Systems Certification
Aircraft Asset Management
Aircraft Towing
Aircraft Fuelling Operations
Engine Run: Propellers
Unmanned Aerial Vehicles, UAV Operations
UAV, AT-30 Operations and Safety
Insurance >
Anti Bribery Act exposure for Insurance companies
Risk Exposure of an Insurance Company
Investing in Art
Construction >
Construction - Plastering
Construction - Bricklaying
Excavation work
Health and Safety on a Construction Site
Demolition of Buildings and Plant
Method Statement
Transport, Shipping & Travel >
Buying a Used Car
War Zone Travel Safety
Confined Space Entry
Road Haulage Company
Motor vehicle repair body shop
Industry >
International supply chain risk
Warehouse Health and Safety
Maintenance in factory
Control of Chemical Substances Hazardous to Health
Templates >
Kanban Card
Cyber Incident Response Plan
Project Assurance template
IT Systems Transformation Template
Template with 10 Risks and 1 Control
Template with 2 Risks and 3 Controls
Template with 5 Risks, 1 common cause-hazard and 3 Controls
Improve Critical Electricity Infrastructure >
NIST Situational Awareness for Electric Utilities
NIST Guidelines for Smart Grid Cyber Security
NIST Framework for Smart Grid Interoperability Standards
NIST Engineering of Trustworthy Systems
Step 1 - Model Logical Processes
Step 2 - Identify Standards and Best Practice
Step 3 - Find Future Vulnerabilities & Cyber Attacks
Step 4 - Conduct In-depth Risk Assessments