IT Governance

Ready-to-use industry IT standards, frameworks, and best practices.

Designed for IT audit, risk, and compliance professionals.

Compliance with multiple IT standards, regulatory requirements, and internal policies can be daunting. But it doesn’t have to be—automate your IT risk and compliance program using Galvanize's growing, evergreen collection of regulatory and compliance content. Increase assurance over IT general controls, data privacy, and cybersecurity using our integrated content to monitor compliance programs by mapping IT regulations and standards against common control frameworks. Pre-built robots help you quickly determine high-risk activities related to unauthorized access. Galvanize makes it easy for you to minimize risk exposure and collaborate with your front line.

Included in the Content For IT Governance

Browse by toolkit

A toolkit is a curated set of tools aimed at addressing one area of risk or compliance.

For example, a toolkit might include a set of data analytics, a risk control framework, and a best practices program.

General IT Compliance Toolkit

Reduce the compliance burden and effort for the most common IT standards and regulations. Jump-start your compliance programs with easy-to-implement tools for demonstrating coverage. Our ready-built tools for IT content include key regulations, standards, and risk and control matrices.

  • AICPA Trust Security Criteria 2016 - SSAE 16/18 SOC 2
  • AICPA Trust Security Criteria 2017 - SSAE 16/18 SOC 2
  • Center for Internet Security (CIS) Controls Version 7.0
  • Center for Internet Security (CIS) Controls Version 7.1
  • COBIT 2019 Framework
  • CSA Cloud Controls Matrix (Version 3.0.1) 2016
  • IT General Controls - Unauthorized Access Analysis App
  • Payment Card Industry (PCI) Data Security Standard - Version 3.2
  • Payment Card Industry (PCI) Data Security Standard - Version 3.2.1

NIST Toolkit

Establish a strong cybersecurity posture by adopting the universally applied NIST cybersecurity framework and security controls. Confidently manage risks and implement mitigating controls to increase assurance over your cybersecurity programs.

  • NIST Cybersecurity (Version 1.0) 2014
  • NIST Cybersecurity (Version 1.1) 2018
  • NIST SP 800-171 Rev. 1 (2018)
  • NIST SP 800-53 FedRAMP High Baseline Controls Framework
  • NIST SP 800-53 FedRAMP Low Baseline Control Framework
  • NIST SP 800-53 FedRAMP Moderate Baseline Controls Framework
  • NIST SP 800-53 Privacy Controls (Revision 4)
  • NIST SP 800-53 Program Management Controls (Revision 4)
  • NIST SP 800-53 Security Controls (Revision 4) / FedRAMP 2016.01

ISO 2700X Toolkit

Incorporate information security management best practices to cover the risks related to privacy, confidentiality, and technical cybersecurity issues.

  • ISO/IEC 27001:2013 (US, Canada, & UK Only)
  • ISO/IEC 27002:2013 (US, Canada, & UK Only)

HIPAA Compliance Toolkit

Reduce the risks of a HIPAA violation by ensuring appropriate security requirements and control measures are established to protect the privacy and security of all protected health information.

  • Healthcare - Providers Enterprise Risk Library
  • HIPAA Omnibus Final Rule 2013
  • NIST SP 800-66 Implementing HIPAA Security Rule Revision 1

Data Privacy Toolkit

Reduce compliance efforts for existing and emerging data privacy regulations by leveraging ready-to-use universal standards that provide an excellent starting point regardless of your industry and geography.

  • EU General Data Protection Regulation (GDPR) 2016
  • ISACA Data Protection Impact Assessment 2017
  • ISACA Privacy Principles 2016
  • The California Consumer Privacy Act of 2018

Not what you were looking for? Explore more content suites

Banking & Lending

  • AML/ATF Compliance Toolkit
  • EFT Risk Toolkit
  • Banking Op Risk Toolkit
  • And more

Governments & Higher Education

  • Improper Payments Toolkit
  • Yellow Book (GAGAS) Toolkit
  • Grants Management Toolkit
  • And more

Financial Controls Monitoring

  • Accounts Payable Toolkit
  • Vendor Management Toolkit
  • Human Resources Management Toolkit
  • And more

Subscription Value

  • GRC Subscription Value Toolkit
  • Analytics Subscription Value Toolkit
  • And more