Resources
/
Templates & Checklists
Ready-to-use templates for your security program
Checklists, reporting templates, playbooks, and annual plans — all tailored to German law and typical healthcare scenarios. Download after a brief sign-up, no follow-up campaigns.
NIS2 · Self-Assessment
NIS2 Readiness Check (32 points)
Structured self-assessment based on the ten risk management measures under Section 30 of the BSIG, broken down into 32 specific assessment points with maturity rating. Result: a reliable status assessment in 60 minutes.
8 pages
For management, ISB, IT management
DOCX
NIS2 · Reporting Obligations
NIS2 reporting templates: 24h, 72h, 30 days
Three pre-prepared Word templates for the § 32 BSIG reporting obligation: initial report (24 hours), assessment report (72 hours), final report (30 days). Healthcare scenarios as sample wording, with all required fields structured and ready to fill out directly in an emergency.
12 pages
For management, ISB, CISO
DOCX
BETRVG · SAMPLE TEXT
Phishing Simulation Works Agreement
Complete sample works agreement text for introducing phishing simulations — purpose limitation, anonymization, retention periods, access rights, works council evaluation. Compliant with Section 87(1) No. 6 of the German Works Constitution Act (co-determination), GDPR Art. 28 (data processing agreement) and GDPR Art. 6(1)(f) (legal basis). Ready for direct negotiation.
6 pages
For management, HR, staff council
XLSX
Awareness · Annual Planning
Awareness Program: 12-Month Annual Plan
Editable Excel template for a 12-month awareness program with monthly themes, module suggestions, a target group matrix, and a KPI tracking sheet. Suitable for NIS2 and § 75b/c documentation.
3 tables
For HR, ISB, Security Team
MORE RESOURCES
Templates alone are not enough. Guides and webinars build the context.
For in-depth written analyses, we offer guides on implementing NIS2 in medical care centers and hospitals, ransomware contingency planning, phishing law, and the operational interpretation of Section 30 of the BSIG. For interactive, dialogue-based formats, there are live webinars with Q&A.