Resources

Our free tools, templates and cheat sheets are designed to give you a head start on your privacy, cyber security and data governance tasks.
Interactive guide
Five steps to creating a data processing inventory

We have refined a methodology which has delivered consistently high-quality outcomes across a range of organisations and business sectors. This is a five-step process that is a systematic approach to identifying and documenting processes in your organisation.

This interactive guide will step you through the process.

Template
Notification Register template (NSW Mandatory Notification of Data Breach)

The NSW MNDB Scheme requires agencies to maintain a public facing notification register, published on the agency’s website, for any public data breach notifications that the agency has issued.

We have developed a template notification register that can be customised to suit your agency.

Template
Incident Register template (NSW Mandatory Notification of Data Breach)

The NSW MNDB Scheme requires agencies to maintain an internal data breach incident register, which is not public-facing, and acts as a record for the agency’s data breaches over time.

We have developed a template incident register that can be customised to suit your agency. This template can also be used to record privacy incidents or ‘near misses’.

Report
Data ethics approaches among Australian organisations

This research report by elevenM looks at how Australian organisations are approaching the challenge or AI and data ethics.

Interactive guide
Privacy impact assessment toolbox

Building a privacy impact assessment toolbox is an interactive resource that will step you through the four steps of a PIA and provide you with key tools to support you in this process.

Template
Information gathering checklist

The second of four steps of a PIA is information gathering. This information gathering covers organisational policy and process documents (such as privacy policies and collection notices), interviewing people involved in the project, and observing or assessing physical processes (when relevant).

We have developed a ‘Information gathering checklist’ template to help get you started, and which you can customise to your organisation.

Template
PIA register template

The final step of a PIA is to mitigate the identified risks and record approval of actions against these risks. This process needs to have specific, pragmatic actions, so everyone is clear what needs to be done to reduce or remove a risk.

We have developed a template ‘PIA register’ to help get you started, and which you can customise to your organisation.

Interactive guide
Privacy heatmap

Developing a privacy heatmap is about using process data to proactively identify and strategically target those business areas that need more attention.