Find out where your security program stands — in 20 minutes, for free.
Self-scoring assessment workbooks that tell you exactly where you're strong, where you're exposed, and what to fix first. Plus production-ready policy templates and response guides you can deploy today. No email. No account. Just download and use.
Assessment Tools
Know exactly where you stand — before someone else tells you.
Self-scoring workbooks that give you a number, not a feeling. Download one, answer the questions honestly, and see your readiness score by category. The gaps you find are the reason the products below exist — but the assessment is yours to keep regardless.
Risk Management Readiness Checklist
Score your organization's risk management maturity across 40 requirements in 8 categories: governance, identification, assessment, treatment, BIA, vendor risk, controls, and evidence.
- ✓ 40 requirements across 8 categories
- ✓ Scoring guide with maturity levels
- ✓ Covers risk, BIA, vendor, and controls
- ✓ Excel format — track progress over time
SOC 2 Readiness Assessment Workbook
Self-assess your organization against all SOC 2 Common Criteria (CC1–CC9). Scores your maturity across 33 criteria with an auto-calculating readiness dashboard.
- ✓ All 33 Security criteria assessed
- ✓ Auto-scoring readiness dashboard
- ✓ Maturity-level conditional formatting
- ✓ Excel with 32 formulas — fully editable
NIST CSF 2.0 Readiness Checklist
Comprehensive checklist covering all six NIST CSF 2.0 functions. Assess your current security posture and identify gaps across 106 assessment questions.
- ✓ All 6 CSF functions covered
- ✓ 106 assessment questions
- ✓ Gap identification guidance
- ✓ Excel format with scoring
Policy Starter Checklist
Assess your organization's cybersecurity policy coverage across all 18 essential policy areas. Scores your coverage and prioritizes gaps.
- ✓ 18 policy areas assessed
- ✓ Auto-scoring dashboard
- ✓ Framework mappings (NIST, ISO, CIS)
- ✓ Excel with conditional formatting
CMMC Level 1 Self-Assessment
Self-assess compliance with all 17 CMMC Level 1 practices from FAR 52.204-21. Includes assessment criteria, evidence guidance, and domain-level scoring.
- ✓ All 17 practices, all 6 domains
- ✓ Assessment criteria per practice
- ✓ Evidence examples included
- ✓ Excel with auto-scoring
Security Program Samples
Deploy a policy, a risk register, or an IR plan — today.
Complete, production-ready documents built to the same standard we deliver to paying clients. Not thin templates. Not checkbox exercises. Documents you can hand to your board, your auditor, or your insurer and they'll take seriously.
Information Security Policy
The foundational document for any security program. 14 pages covering governance, risk management, access control, operations security, incident management, business continuity, cryptography, privacy, and more.
- ✓ 14 policy statement areas
- ✓ Full roles and responsibilities matrix
- ✓ Definitions, related documents, document control
- ✓ Word format — fully customizable
Risk Register Spreadsheet
Working risk register with auto-calculating scores, conditional formatting, dropdown validation, 5×5 risk matrix, scoring criteria, and a live dashboard. Pre-loaded with 8 realistic example risks.
- ✓ 173 formulas — fully dynamic
- ✓ Auto-calculated risk levels with color coding
- ✓ Dashboard with counts by level, status, and category
- ✓ Excel format — use immediately
Incident Response Plan
Complete incident response plan covering all six phases: detection, triage, containment, eradication, recovery, and post-incident review. Includes severity classification, IRT roles, communication protocols, and evidence handling.
- ✓ 6-phase response methodology
- ✓ Severity classification matrix (S1–S4)
- ✓ Incident report form and log templates
- ✓ Word format — fully customizable
Acceptable Use Policy
Comprehensive policy covering email, internet, passwords, devices, removable media, cloud services, network access, social media, and physical security. Includes prohibited activities and monitoring provisions.
- ✓ 10 detailed usage requirement areas
- ✓ Prohibited activities with specific examples
- ✓ Monitoring and privacy provisions
- ✓ Word format — fully customizable
Risk Assessment Template
Complete risk assessment methodology with likelihood and impact scales, risk matrix, treatment strategies, risk register field definitions, and three fully worked example risk entries.
- ✓ 5-step assessment methodology
- ✓ Likelihood and impact scoring criteria
- ✓ 3 detailed example risk entries
- ✓ Word format — fully customizable
Security Questionnaire Response Guide
Pre-approved responses to the most common security questionnaire questions across 12 domains. Standard and brief response variants for each question, plus guidance on handling unaddressed questions.
- ✓ 12 security domains covered
- ✓ Standard + brief response variants
- ✓ Usage guidelines and customization notes
- ✓ Word format — fully customizable
Don't see the framework you need? Use the Request Documentation Suite option to tell us what to build next. Every product in our catalog started as a request.
Sample Documents
See what a Ridgeline product looks like before you buy one.
Full documents from our product line — not previews or excerpts. Download, open, and judge the depth, structure, and quality. These are the files your team would deploy.
AI Acceptable Use Policy Template
Complete, editable AI governance policy covering tool classification, data handling, prompt injection awareness, and incident reporting. Mapped to NIST AI RMF, OWASP LLM Top 10, and ISO 42001.
- ✓ 14 sections with specific guidance
- ✓ 3-tier AI tool classification system
- ✓ Data handling rules and prohibited uses
- ✓ Word format — fully customizable
Phishing Awareness Training Module
Full training module from the Security Awareness Training Suite. PowerPoint slide deck covering phishing attack types, red flags, real-world examples, and response procedures.
- ✓ 10–15 minute training presentation
- ✓ Real-world phishing examples
- ✓ Red flag identification techniques
- ✓ PowerPoint — fully editable and rebrandable
Security Questionnaire Cheat Sheet
The 15 most common security questionnaire questions mapped to the specific documents you need to answer them. Includes a 48-hour response workflow.
- ✓ 15 questions with required docs
- ✓ Response workflow (48 hours)
- ✓ Minimum viable document stack
- ✓ PDF format — print and reference
Board Cybersecurity Report Template
Executive-ready report template covering security posture, key metrics, top risks, incidents, initiatives, and board decisions required.
- ✓ 7 reporting sections
- ✓ KPI metrics table with targets
- ✓ Risk register summary format
- ✓ Word format — customize and present
Sample Acceptable Use Policy
A complete IT acceptable use policy showing our documentation format, structure, and quality level.
- ✓ Complete policy structure
- ✓ Framework mappings included
- ✓ Customization guidance
- ✓ PDF format
Product Previews
Browse before you buy
Full table of contents and sample pages from selected products.
Cybersecurity Governance Suite Preview
Full table of contents and sample pages from the governance documentation toolkit.
View PreviewCMMC Compliance Toolkit Preview
Documentation coverage for all 17 CMMC Level 1 practices.
View Preview✗ Free Resources
- Individual checklists and assessment tools
- Score your current gaps and maturity
- Sample the documentation quality
- Self-serve — no implementation guidance
✓ Full Product
- Complete documentation set (20–130+ files)
- Framework-mapped policies, procedures, and plans
- Browser-based apps with AI features and dashboards
- Implementation guides, workshop kits, and board decks
Get notified when new toolkits launch
We're building incident response, endpoint security, cloud configuration, and more. Be the first to know when they're available.
Need help implementing?
We customize any product to your organization. Foundation $1,997 · Compliance $3,497.
View Services →