KCM’s Compliance Management module comes with over 80 managed compliance templates maintained by KnowBe4. These pre-built templates are available for some of the most common regulations such as PCI, Cloud Security Alliance, Center for Internet Security, NIST, HIPAA, FFIEC, Secure Controls Framework, GDPR, FedRAMP, AICPA SSAE18, and more.

Cloud Computing Compliance Control Catalogue v9.2017
ISO 27001 2013
ISO 27001 2013 Annex
ISO 27002 v2013
PCI DSS Appendix A v3.2.1
PCI DSS Self Assessment Questionnaire A v3.2.1
PCI DSS Self Assessment Questionnaire A-EP v3.2.1
PCI DSS Self Assessment Questionnaire B v3.2.1
PCI DSS Self Assessment Questionnaire B-IB v3.2.1
PCI DSS Self Assessment Questionnaire C v3.2.1
PCI DSS Self Assessment Questionnaire C-VT v3.2.1
PCI DSS Self Assessment Questionnaire D Merchants v3.2.1
PCI DSS Self Assessment Questionnaire D Service Providers v3.2.1
PCI DSS Self Assessment Questionnaire P2PPE v3.2.1
General Data Protection Regulation (GDPR) v1.0
Privacy Shield Framework - EU-US v1.0


Templates by Country

Australian Prudential Standard CPS 234 v7.2019
Australian Privacy Act v12.2018
Australian Signal Directive Information Security Manual_v3.2019
MDSAP - Australia: Therapeutic Goods (Medical Devices) Regulations 2002 v7.2019
Brazilian Internet Law v2018
MDSAP - Brazil: RDC v1.0
MDSAP - Canada: Medical Devices Regulations v6.2019
Personal Information Protection and Electronic Documents Act (PIPEDA) v. SC 2000, c. 5
Cayman Islands Data Protection Law v6.2017
German Federal Data Protection Act_6.2017
MDSAP - Japan: MHLW MO 169 v2014
Portugal Data Protection Law v1.2019
Privacy Shield Framework - Swiss-US v2017
Financial Conduct Authority Handbook (UK) v4.2019
Lexcel England and Wales for In-house Legal Departments v6.1
Lexcel England and Wales for Legal Practices v6.1
HMG Security Policy v1.0
Lexcel International v5.1
UK Cyber Security Essentials 2
UK Data Protection Act v2018
UK Data Security and Protection Toolkit v1.9.6
UK Ministry of Defence - Defence Standard 05-138 Issue 2
UK Public Sector Network Code of Connection v1.31
ACCSC Self Evaluation 2015
California Consumer Privacy Act AB-375_v1.0
CIS Critical Security Controls Implementation Group 1 7.1
CIS Critical Security Controls Implementation Group 2 7.1
CIS Critical Security Controls Implementation Group 3 7.1
CJIS Security Policy v5.8
Cloud Security Alliance - CCM v3.0
COSO 2013
DFARS NIST 800-171 SA v11.2017
FDA 21CFR11 v4.2016
FedRAMP High Baseline Controls v8.2018
FedRAMP LI-SaaS Baseline v8.2018
FedRAMP Low Baseline Controls v8.2018
FedRAMP Moderate Baseline Controls v8.2018
FERPA v12.2011
FFIEC Cybersecurity Tool 2015
Financial Services Sector Coordinating Council (FSSCC) vv1.0
Gramm-Leach-Bliley Act Privacy Rule v5.2000
Gramm-Leach-Bliley Act Safeguard Rule v6.2016
HIPAA Privacy and Breach v1.0
HIPAA Security Rule v1.0
HITECH v1.0
Interagency Guidelines - Information Security Standards v8.2013
IRS Publication 1075 v9.2016
ITAR 12.2018
MDSAP - USA: Title 21 Food and Drugs v1.0
NAIC MDL - Insurance Data Security Law 4th Quarter 2017
NCUA ACET v1.0
NIST 800-171 Appendix E_v2016
NIST 800-53 High-Impact Baseline rev4
NIST 800-53 Low-Impact Baseline rev4
NIST 800-53 Moderate-Impact Baseline rev4
NIST Cybersecurity Framework v1.1
NIST SP 800-171 A
NIST SP 800-171 Rev 1 (updated 06/07/2018)
NIST SP800-53 Privacy rev4
NIST SP800-53 rev4
NIST SP800-53 rev4_FIXES
OCIE Cybersecurity Initiative 2014
OWASP Level 1 v4.0
OWASP Level 2 v4.0
OWASP Level 3 v4.0
PCI DSS v3.2.1
Sarbanes Oxley Act v7.2002
SEC OCIE Cybersecurity Examination Initiative 2015
Secure Controls Framework v2019.1
SSAE16 SOC2 TSP and Privacy 2017
SSAE18 SOC2 TSC (AT-C 105/205)
SWIFT CSP v2019
Connecticut Insurance Data Security Law v10.2019
Massachusetts Data Privacy Regulation v2009
New Hampshire Senate Bill 194 v8.2019
North Carolina Identity Theft Protection Act v2005
NY DFS Cybersecurity Requirements 2017
Texas Administrative Code §202 - Institutions of Higher Education v2016
Texas Administrative Code §202 - State Agencies v2016
Texas House Bill 4390 - Privacy Protection Act v6.2019
Commonwealth of Virginia ITRM Standard SEC501 v10.1
COV Hosted Environment Information Security Standard SEC 525 v03.1

For the most up-to-date list of managed templates please visit the KnowBe4 Knowledge Base article:
https://support.knowbe4.com/hc/en-us/articles/360022753993-KCM-GRC-Managed-Templates


Get the latest about social engineering

Subscribe to CyberheistNews