(You save $3,831.00 )

DSP Bundle 1: Policies, Standards, Procedures & Controls

Email Delivery Within 1-2 Business Days

Maximum file size is 15000KB, file types are bmp, gif, jpg, jpeg, jpe, jif, jfif, jfi, png, wbmp, xbm, tiff

Adding to cart… The item has been added

dsp bundle 1

Digital Security Plan (DSP) Bundle #1 - SCF-Aligned Policies, Standards & Procedures (25% Discount)

This is a bundle that includes the following two (2) ComplianceForge products that are focused on operationalizing the Secure Controls Framework (SCF):

  1. Digital Security Program (DSP)
  2. Cybersecurity Standardized Operating Procedures (CSOP)

Product Walkthrough Videos

These short product walkthrough videos are designed to give a brief overview about what the DSP Bundle #1 is to help answer common questions we receive.


This bundle is focused on the providing the "meat & potatoes" of a cybersecurity and privacy program - the policies, standards, controls, procedures and metrics that form the basis of security and privacy operations. This bundle goes beyond just having cybersecurity policies and standards. The end result with the DSP is a comprehensive, customizable, easily-implemented set of documentation that your company needs to establish a scalable, "best in class" cybersecurity and privacy program. Being Microsoft Word documents, you have the ability to make edits, as needed. Please note that if you want a customized bundle, we are happy to create one for you. Just contact us with your needs and we will generate a quote for you.

SCF Connect Free Trial | SCF GRC

Cost Savings Estimate - DSP Bundle #1 

When you look at the costs associated with either (1) hiring an external consultant to write cybersecurity documentation for you or (2) tasking your internal staff to write it, the cost comparisons paint a clear picture that buying from ComplianceForge is the logical option. Compared to hiring a consultant, you can save months of wait time and tens of thousands of dollars. Whereas, compared to writing your own documentation, you can potentially save hundreds of work hours and the associated cost of lost productivity. Purchasing this bundle from ComplianceForge offers these fundamental advantages when compared to the other options for obtaining quality cybersecurity documentation:

  • For your internal staff to generate comparable documentation, it would take them an estimated 1,900 internal staff work hours, which equates to a cost of approximately $161,000 in staff-related expenses. This is about 12-24 months of development time where your staff would be diverted from other work.
  • If you hire a consultant to generate this documentation, it would take them an estimated 1,600 contractor work hours, which equates to a cost of approximately $480,000. This is about 9-18 months of development time for a contractor to provide you with the deliverable.
  • This bundle is approximately 3% of the cost for a consultant or 9% of the cost of your internal staff to generate equivalent documentation.
  • We process most orders the same business day so you can potentially start working with the documentation the same day you place your order.

SCF DSP bundle 1


Product Hierarchy & Interactions

The diagram below helps visualize how the DSP exists at a strategic level to define the "what" and "why" requirements to be secure and compliant. Those foundational policies and standards influence every other component of your cybersecurity and data protection program.

ComplianceForge editable cybersecurity policies standards procedures

Products Included in DSP Bundle #1

Digital Security Program

Digital Security Program (DSP)
The DSP addresses more than just the “why?” and “what?” questions in an audit, since in addition to the core policies and standards that form the foundation for your cybersecurity program, the DSP comes with controls and metrics! 

  • Most popular product for organizations that need to address multiple compliance obligations and cannot be locked into a single framework (e.g., NIST 800-53, ISO 27002 or NIST Cybersecurity Framework).
  • Maps to over 100 statutory, regulatory and contractual cybersecurity and privacy frameworks to create a hybrid approach to cybersecurity policies, standards, controls and metrics.
  • Provides 1-1 mapping with the Secure Controls Framework (SCF), so you can easily align your policies, standards and metrics with the controls you use from the SCF!
  • DSP contains many useful supplemental documentation templates:
    • Data classification & handling guidelines
    • Data retention guidelines
    • Rules of behavior (acceptable use)
    • and many more templates
cybersecurity procedures template Cybersecurity Standardized Operating Procedures Template (CSOP) - DSP Version
The DSP version of the CSOP is a template for procedures. This is an expectation that companies have to demonstrate HOW cybersecurity controls are actually implemented.
  • This is an editable Microsoft Word document.
  • Given the difficult nature of writing templated procedure statements, we aimed for approximately a "80% solution" since it is impossible write a 100% complete cookie cutter procedure statement that can be equally applied across multiple organizations. What this means is ComplianceForge did the heavy lifting and you just need to fine-tune the procedure with the specifics that only you would know to make it applicable to your organization. It is pretty much filling in the blanks and following the helpful guidance that we provide to identify the who/what/when/where/why/how to make it complete.
  • The CSOP is mapped to leading frameworks to help with mapping compliance requirements.



2 Reviews Hide Reviews Show Reviews

  • 4
    A Time Saver - Ready for Certification

    Posted by Unknown on Feb 04, 2021

    The documents I received puts my company in a fantastic position to be prepared for any audit and future certifications. Thank you for professional work. Well worth the investment.

  • 5

    Posted by DS on Feb 18, 2020

    The DSP and associated documentation has become an invaluable tool in helping us re-align our policies with industry standard frameworks. The 'icing on the cake' is being able to link control objectives with a maturity model from which we can generate actionable metrics on gaps for executive leadership. I have also found the folks at ComplianceForge to be very responsive and helpful with questions and follow up.

Learn More About Cybersecurity & Data Privacy