Practical Guides and White Papers

In-depth resources to structure your GRC program, written by Canadian experts.

4 guides available

4 free templates

Canadian context

Guides (4)Templates (4)View all articles

Guides and white papers

Guide24 pages

Complete Law 25 Guide

Everything you need to know about Quebec's Law 25: obligations, timelines and practical steps to bring your organization into compliance.

Read guide

Guide18 pages

DPIA: Practical Guide

How to conduct a Privacy Impact Assessment compliant with Law 25, step by step.

Read guide

White paper32 pages

Managing Multiple GRC Frameworks

Strategies to align ISO 27001, Law 25 and PCI-DSS in a unified GRC program without duplicating efforts.

Read guide

Guide16 pages

Risk Assessment for SMEs

Practical method to identify, assess and treat security risks in a small or medium-sized enterprise.

Read guide

Downloadable templates

Ready-to-use templates to accelerate your compliance — free, no registration required.

Law 25 DPIA Template

DOCX

Complete Word template to conduct a DPIA compliant with Law 25.

Law 25 Checklist

PDF

Comprehensive checklist of Law 25 obligations by phase.

Risk Register Template

XLSX

Structured Excel spreadsheet to inventory and assess your risks.

Audit Plan Template

XLSX

Excel template to plan your annual internal audits.

These templates are provided as a starting point. They must be adapted to your organization's specific context. For a turnkey compliance solution, discover the CapGRC platform.

Automate with CapGRC

Stop managing compliance in Excel files. CapGRC centralizes your risks, audits, PIAs and frameworks in a single platform.

Request a demo CapGRC vs Excel