Professional-grade NIST CSF 2.0 and PCI-DSS v4.0 workbooks — built by an IT Risk and Audit professional with 10+ years across banking, defense contracting, and financial services.
One-time payment. Instant download. No subscriptions, no renewal fees. Stripe checkout — secure and instant.
Complete workbook — all 6 CSF functions, 100+ subcategories, Executive Summary, maturity scoring, and Remediation Roadmap. Built to NIST CSF 2.0 (Feb 2024).
SAQ type selector, SAQ-A/B/D checklists, 70+ sub-requirements with testing procedures, Evidence Tracker, and Remediation Roadmap. Mandatory since March 2024.
Everything in both packs, plus NIST 800-53, CRI Profile 2.0, CCM, and COBIT as they release — at no extra cost. All future updates included.
Every template aligned to the current version — not last year's. Most free resources are still on NIST CSF 1.1 and PCI DSS v3.2.1.
All 6 functions including the new Govern function (Feb 2024). 100+ subcategories with maturity scoring.
Mandatory March 2024. SAQ selector, checklists, evidence tracker, and full roadmap.
Federal gold standard — government agencies and defense contractors. Control families + evidence mapping.
Financial sector's preferred profile — banks, credit unions, and fintechs aligned to NIST CSF.
Essential for AWS, Azure, and GCP environments and cloud-native organizations.
IT governance for audit committees, boards, and IT leadership globally.
Every workbook in the RiskForge vault was designed by a hands-on IT Risk and Audit professional — someone who has sat across the table from regulators, QSAs, and audit committees for over a decade.
"These aren't checklists assembled from a Google search. They come from real assessments, real control gaps, and real regulatory findings — across banking, defense contracting, and financial services."
All templates are delivered as .xlsx files compatible with Microsoft Excel 2016+, Microsoft 365, Google Sheets, and LibreOffice. No additional software required.
Yes. NIST CSF 2.0 (February 2024) including the new Govern function, and PCI DSS v4.0 mandatory March 31, 2024. Most free resources are still on previous versions.
Yes. Single license covers use within your organization or for client projects. Contact us for multi-license arrangements for consultants and MSPs.
Immediate access to both current workbooks. As new templates are completed you'll receive download links automatically at no additional charge.
No — these workbooks help you prepare for and manage your compliance posture internally. Formal certification still requires a qualified assessor where mandated.
All sales are final due to the digital nature of the product. If a template has a technical issue or differs from its description, contact us within 7 days.
Download both workbooks, open in Excel or Google Sheets, and start your first gap assessment this afternoon. No consultants. No waiting. No guesswork.
🔒 Secure checkout via Stripe · Instant download · One-time payment