Secure smarter, not harder.
with Templates from CISO Tradecraft®
Note, Templates are best viewed on a Desktop/Laptop.
9 Box Template
The 9 Box template helps executives align cybersecurity spend with business value by mapping projects by Impact and Effort. It highlights quick wins, strategic priorities, and high-effort essentials, ensuring budgets drive the greatest risk reduction and measurable business impact.
CMMC Reference Guide
CMMC made simple: the Reference Guide lays out all three levels with a sharp, at-a-glance illustration and clear explanations for every control. Giving you instant clarity without digging through pages of documentation.
Comprehensive AI Control Matrix & Questionnaire
Master AI security with this interactive assessment tool based on the CSA AICM v1.0.3. Features automated risk scoring, real-time compliance dashboards, detailed gap analysis, and one-click PowerPoint reporting to streamline your AI auditing process.
Cyber 6 Pack
The Cyber 6 Pack is a gamified vulnerability management report that turns security metrics into a competitive scorecard. Track managers across application security tools and build a stronger, more resilient security posture through data-driven progress.
Cybersecurity Budget Template
The Cybersecurity Budget Template is a practical template to build and justify your cybersecurity budget. Prioritize investments, align spending with business goals, and clearly show ROI to executives. All in one easy-to-use framework.
Cybersecurity Tools Murder Board
The Cybersecurity Tools Murder Board Template helps teams rigorously evaluate security tools for retirement. Use it to challenge assumptions, uncover blind spots, and ensure only the most effective, cost-efficient, and defensible tools remain in your environment.
Generative AI Risk Assessment
Inspired by State of California SIMM 5305-F, this Generative AI Risk Assessment reveals how a GenAI system works, what data it uses, the risks involved, and the safeguards in place. Turning complexity into clarity.
OWASP Threat and Safeguard Matrix
The Threat and Safeguard Matrix (TaSM) from CISO Tradecraft helps organizations map major threats against the NIST CSF (Identify, Protect, Detect, Respond, Recover). It gives CISOs an action-oriented, defense-in-depth view to strengthen safeguards and improve overall security.
Personal Values Exercise
Discover What Drives You: A Personal Values Exercise. Aligning work with your values boosts motivation, while roles that conflict with what matters drain it. In fact, knowing your own values influences commitment more than understanding your organization’s.
Process Improvement Exercise
Expose where time really disappears. This process improvement template compares “perfect world” vs. real-world execution, instantly reveals efficiency gaps, and pinpoints the few steps causing most waste, so you can focus fixes where they matter most.
Risk Approval Template
The Risk Approval Template streamlines decision-making by documenting identified risks, mitigation strategies, and leadership sign-off. It ensures accountability, transparency, and alignment before accepting or proceeding with known cybersecurity risks.
Toil Register
Track and reduce operational risk and technical debt with a Toil Register built for security and IT leaders. Capture manual work, system gaps, owners, risk levels, KPIs, and fixes. Prioritize remediation, improve efficiency, and export executive-ready reports.
