AI Governance Checklist
A practical checklist for AI inventory, data risk, human oversight, AI vendor controls, and executive reporting.
AI GovernanceChecklist
Open preview → Governance library
Resources and checklists
A practical resource center for cyber governance, privacy, AI risk, and customer trust workflows.
Open glossary Evidence pack Preview
- Scope and ownership clarity
- Risk register and decision rationale
- Policy/procedure evidence
- Vendor and customer trust records
Downloadable guides
Featured downloadable resources
DORA Readiness Checklist
A DORA readiness checklist for ICT risk management, incident reporting, resilience testing, and critical vendor controls.
DORAChecklist
Open preview → ISO 27001 Readiness Checklist
A static checklist for ISO 27001 scope, risk, policies, evidence, internal audit, and management review preparation.
ISO 27001Checklist
Open preview → Security Questionnaire Guide
A practical guide to managing customer security questionnaires through approved answers, evidence, and ownership.
Security QuestionnairesGuide
Open preview → Related insights
Related articles
DORA readiness for ICT vendors serving EU financial entities
Practical DORA readiness guidance for SaaS, cloud, security, infrastructure, and data vendors serving EU financial entities.
Read article →SOC 2 vs ISO 27001 for Turkish SaaS companies
A practical SOC 2 vs ISO 27001 guide for Turkish SaaS companies choosing the best assurance path for global customers.
Read article →AI governance framework for growing companies
A practical AI governance framework for growing companies that need inventory, risk tiers, data rules, vendor review, and oversight.
Read article →AI vendor risk management checklist for regulated companies
A concise checklist for reviewing AI vendors across data handling, model use, security, privacy, contracts, oversight, and exit plans.
Read article →Vendor security questionnaire guide for SaaS companies
How SaaS companies can answer customer security questionnaires with consistent evidence, approved language, and reusable control ownership.
Read article →Cross-border data transfers under KVKK and GDPR
A practical overview of cross-border transfer governance for companies operating between Turkey, the EU, and international vendors.
Read article →