Cybersecurity Templates
Our CAN/DGSI 104:2021 / Rev 1: 2024 (CyberSecure Canada) templates are meticulously designed to align with the CAN/DGSI 104:2021 / Rev 1: 2024 requirements.
Our CyberSecure Canada templates offer a collection of policy templates, each tailored to address specific sub-controls outlined by the CyberSecure Canada program. These templates are comprehensive and cover various critical areas, including antimalware, firewalls, incident response plans, and more. By utilizing our templates, organizations can establish a strong foundation for their cybersecurity policies, ensuring alignment with the CyberSecure Canada framework.
Alignment with Standard Requirements
Our templates have been developed to meet the specific guidelines and requirements set forth by the CAN/DGSI 104:2021 / Rev 1: 2024 standard. This ensures that organizations can create policies that align with industry best practices and regulatory standards.
Policy Templates for Each Sub-Control
Our templates include policy documents for each sub-control identified by CAN/DGSI 104:2021 / Rev 1: 2024. This approach enables organizations to create policies that address all necessary areas, fostering a holistic cybersecurity approach.
Comprehensive Coverage
The CAN/DGSI 104:2021 / Rev 1: 2024 templates cover a wide range of cybersecurity domains, including but not limited to antimalware measures, firewalls, incident response plans, employee awareness training, access control, data backup and recovery, etc.
Personalized and Scalable
Our templates are personalized with your business name and logo, and allow organizations to tailor the policies to their specific needs and organizational structure.
Time-Saving Solution
By utilizing our CyberSecure Canada templates, organizations can save valuable time and effort in developing cybersecurity policies from scratch. The templates serve as a great starting point, enabling businesses to expedite the policy creation process.
Why use the templates?
Our templates provide organizations with a convenient and comprehensive solution for establishing robust cybersecurity policies aligned with the CyberSecure Canada program. By leveraging these templates, businesses can enhance their cybersecurity posture, mitigate risks, and demonstrate their commitment to safeguarding sensitive data and digital assets. Start your journey towards CAN/DGSI 104:2021 / Rev 1: 2024 compliance today with our ready-to-use templates!
What polices are included?
4.1.2.1 Leadership
4.2.2.1 Accountability
4.3.2.1 Cyber Security Training
4.3.3.1 Ongoing Awareness Training
4.4.2.1 Cyber Security Risk Assessment
4.4.3.1 Cyber Security Risk Assessment Policy
4.4.3.2 List of Information Systems and Assets
4.4.3.3 Accepted Cyber Security Risks
4.4.3.4 IT Security SPending Levels Raw
4.4.3.5 IT Security Staffing
4.4.3.6 Commitment to Cyber Security
4.4.3.7 When to update an existing cyber security risk assessment
4.4.3.8 Implementing Baseline Controls
4.4.3.9 Reviewing Controls to Ensure Effectiveness
4.4.3.10 Company Size Attestation
5.1.2.1 and 5.1.2.2 Incident Response Plan
5.1.2.3 Testing Incident Response Plan
5.1.2.4 Cybersecurity Insurance
5.2.2.1 Security Patches
5.2.2.2 Automatic Patching
5.2.2.3 Replacing Systems Incapable of Automatic Patching
5.3.2.1 Enable Security Software
5.4.2.1 Secure Configurations for Devices
5.5.2.1 Mult-Factor Authentication
5.5.2.2 Changing Password On Suspicion of Compromise
5.5.2.3 Password Length – Reuse – Writing Down
5.5.3.1 Password Managers
5.6.2.1 Essential Business Information
5.6.2.2 Frequency of Backups
5.6.2.3 System Backups
5.6.2.4 Storing Backups
5.6.2.5 Encrypting Backups
5.6.2.6 Backup File Integrity
5.6.2.7 Testing Critical Backups
5.6.2.8 Sampling Backup Data
5.7.3.1 Firewalls
5.7.3.2 DNS Firewall
5.7.3.3 Software Firewalls
5.7.3.4 Encrypted Connectivity and VPN Access with MFA
5.7.3.5 Corporate Wi-Fi
5.7.3.6 Segmenting Corporate and Public Networks
5.7.3.7 DMARC
5.7.3.8 Email Filtering
5.7.3.9 Home Network Segregation
5.8.2.1 Provision Accounts with Minimum Functionality Necessary
5.8.2.2 Admin Accounts Only Perform Admin Activities
5.8.2.3 Admin Accounts Only Perform Admin Activities
5.8.3.1 Centralized Authorization Control System
6.1.2.1 Mobile Device Education
6.1.3.1 Ownership Model for Mobile Devices
6.1.3.2 Securing Mobile Devices
6.2.2.1 Evaluating Risk Tolerance for Outsourced IT or Cloud Apps
6.2.3.1 AICPA SSAE 19 or Equivalent Reports
6.3.2.1 OWASP Top 10 Awareness
6.3.3.1 OWASP Top 10
6.3.3.2 ASVS Levels
6.4.2.1 Company Owned Portable Media
6.4.3.1 Using Portable Media
6.5.2.1 POS Terminals and Financial Systems
6.6.3.1 Log Management