NEW DORA enforcement active — ESAs designated CTPPs November 2025
EU Compliance · CIPP/E Aligned

Audit-Ready Compliance Blueprints

Professional-grade DOCX + PDF compliance documentation for DORA, EU AI Act, NIS2, and GDPR — authored by credentialed practitioners, ready in minutes.

DORA · EU AI Act · NIS2 · GDPR · ISO 42001 · SOC 2
Authored by: CISSP · CISM · AIGP · PMP
CIPP/E · CIPP/US Aligned
Instant DOCX + PDF delivery
Updated within 30 days of regulation changes
7-day no-questions refund
Inline article references
Blueprint Library

Compliance Blueprints

Professional documentation built against actual regulatory text. Editable DOCX + formatted PDF, delivered instantly.

★ Featured Blueprint
GDPR · Art. 30

GDPR Record of Processing Activities (RoPA)

Complete Article 30 RoPA template covering all mandatory fields for both controllers and processors. Includes …

GDPR · Art. 30 · RoPA · CIPP/E
€59
18 pages · DOCX + PDF
GDPR · Art. 35

Data Protection Impact Assessment (DPIA)

Full Art. 35 DPIA template with necessity and proportionality assessment, risk matrix, and DPA consultation tr…

GDPR · Art. 35 · DPIA · EDPB WP248
€69
22 pages · DOCX + PDF
GDPR · Art. 33-34

Personal Data Breach Response Toolkit

End-to-end breach management toolkit covering detection, 72-hour supervisory authority notification, and data …

GDPR · Breach · Art. 33 · Art. 34 · Incident Response
€69
20 pages · DOCX + PDF
★ Featured Blueprint
DORA · Art. 5-14

ICT Risk Management Framework

Full DORA Art. 5-14 ICT risk management policy covering identify, protect, detect, respond, and recover functi…

DORA · ICT Risk · Art. 5-14 · Risk Framework
€89
28 pages · DOCX + PDF
DORA · Art. 17-23

DORA ICT Incident Management & Reporting

Complete DORA incident classification, 4-hour/72-hour/1-month regulatory reporting templates, and incident log…

DORA · Incident Reporting · Art. 17-23 · RTS
€79
26 pages · DOCX + PDF
DORA · Art. 28-44

Third-Party ICT Risk Register & Assessment

Structured third-party register covering all DORA Art. 28-44 requirements. Criticality scoring, contractual ch…

DORA · ITS · Vendor Risk · Outsourcing
€79
30 pages · DOCX + PDF
★ Featured Blueprint
EU AI Act · Art. 9-15

High-Risk AI System Conformity Assessment

Article 9-compliant conformity assessment covering all high-risk AI requirements. Technical documentation per …

EU AI Act · Annex IV · High-Risk AI · Conformity
€99
35 pages · DOCX + PDF
NIS2 · Art. 21

NIS2 Cybersecurity Risk Management Policy

Full NIS2 Article 21 policy covering all ten mandatory risk management measures. 24-hour incident notification…

NIS2 · Art. 21 · Cyber Risk · Incident Reporting
€69
26 pages · DOCX + PDF
Pricing

Straightforward Pricing

No subscriptions required. Buy what you need — or get everything at once.

Individual Blueprint
€49–€99
per template

Purchase exactly what you need. Every blueprint includes DOCX + PDF and a companion How-To guide.

  • Editable DOCX + formatted PDF
  • Inline article references
  • Instant delivery via Lemon Squeezy
  • 7-day full refund guarantee
  • Free updates for 12 months
  • Single organisation licence
Best Value
Full Library Access
€449
one-time or €49/mo

Complete access to all current and future blueprints. Best value for compliance teams and GRC consultants.

  • All 18+ templates (DOCX + PDF)
  • All future blueprints included
  • Priority update notifications
  • Multi-framework gap analysis
  • Consulting use: ask for multi-client licence
  • Priority email support
Consulting / White-Label
Custom
multi-client licence

For GRC consultancies serving multiple clients. White-label rights and volume pricing available.

  • Multi-client deployment rights
  • White-label option (remove branding)
  • Bulk purchase discounts (2-3x pricing)
  • Custom template requests
  • Quarterly update briefings
  • Dedicated account contact

All purchases processed by Lemon Squeezy (Merchant of Record). VAT handled automatically. 7-day refund guarantee.

About

Built by a Practitioner.
Not a template factory.

Every GRCBlueprints template is authored against the actual regulatory text — not summarised guidance or blog post interpretations. DORA articles, EU AI Act annexes, NIS2 implementing acts. The real thing.

With a decade of experience implementing DORA, NIS2, and AI governance frameworks for EU financial institutions, I built the documentation I wished existed at the start of each engagement.

  • 10+ years in EU financial services compliance and ICT risk management
  • DORA implementation projects for EU banks and ICT third-party providers
  • EU AI Act gap analysis for financial entities deploying AI in credit decisions
  • NIS2 Article 21 policy frameworks for critical infrastructure operators
  • ISO 42001 AI management system implementations
  • Regular speaker at EU compliance and GRC forums
  • CISSP: Certified Information Systems Security Professional (ISC²)
  • CISM: Certified Information Security Manager (ISACA)
  • AIGP: Artificial Intelligence Governance Professional (IAPP)
  • PMP: Project Management Professional (PMI)
Template Alignment

All blueprints are authored with CIPP/E (EU privacy law) and CIPP/US (US privacy law) knowledge bodies in mind, ensuring global applicability beyond EU-only compliance.

Stay Updated

DORA & Compliance Updates

New blueprint releases, regulatory updates, and ESA technical standard alerts. No spam — unsubscribe anytime.

Start today

Compliance documentation.
Done properly.

Stop building from scratch. Every blueprint is ready to adapt, review with counsel, and submit — in minutes, not months.