1.0 - Introduction
At HighGround, we understand the challenges Managed IT Service Providers (MSPs) face when it comes to maintaining compliance, ensuring security, and managing operational efficiency.
To support MSPs in delivering reliable and professional services, we offer a range of free templates such as guides, templates, plans and procedures.
Every resource is designed to save time, promote best practices, and help you and your clients stay prepared and protected - completely free of charge.
2.0 - Free IT BCDR Plan
In the chaotic world of IT, disasters are less of an "if" and more of a "when."
Whether it’s a server meltdown, a ransomware attack, or Dave in accounting accidentally nuking the database (again), every client needs a rock-solid IT Business Continuity and Disaster Recovery (BCDR) plan.
And guess what? HighGround has your back with a free IT BCDR plan ready to roll.
Why an IT BCDR Plan Is Your New Best Friend
An IT BCDR plan is like a fire drill for your business tech. It’s the blueprint that ensures that when chaos strikes, you’re not the person running in circles, waving your arms, and yelling, “Everything’s fine!”
Imagine this: Instead of starting from scratch, you download HighGround’s free IT BCDR plan. It’s pre-built with all the details you need, customizable to match your clients' needs, and - most importantly - it won’t cost you a thing.
Here’s why it’s a game-changer:
Time Saver: No need to reinvent the wheel. HighGround’s template gives you a head start, so you can focus on what matters—keeping your clients safe.
Client Confidence: Show your clients a professional, detailed plan and watch them breathe a sigh of relief. They’ll love you for it (and who doesn’t want a little extra client love?).
Standardized Excellence: Whether you’re a small MSP or managing dozens of clients, you’ll have a consistent, high-quality approach to disaster recovery.
Easy Customization: Got a client with niche requirements? No problem! Tweak the plan to fit, and you’re good to go.
Head over to the Governance & Resilience section and you'll find your free IT BCDR Plan in the 'Free Resources' section.
3.0 - Free Information Security (InfoSec) Policies
Let’s face it: Writing IT policies from scratch is about as fun as watching paint dry.
But they’re also crucial for setting out 'what good looks like' for employees, keeping your clients' data secure and meeting compliance requirements.
That’s where HighGround offers a helping hand with our free Information Security Policy Pack that takes the pain out of policy-making.
What’s Inside HighGround’s Free Information Security Policy Pack?
This collection of ready-made, battle-tested templates is here to save you from the soul-crushing task of writing policies from scratch (because let’s be honest, no one dreams of spending their weekend drafting an Internet Acceptable Use Policy).
Each policy in this pack is designed to help your clients stay secure, compliant, and (hopefully) out of trouble. Here’s what’s inside and why it matters:
🔹 BYOD (Bring Your Own Device) Policy
Because Barry in accounting will connect his malware-infested, six-year-old Android phone to the company Wi-Fi. This policy lays down the ground rules for using personal devices at work, keeping corporate data safe while letting employees use their own tech.
🔹 Firewall Documentation
Your firewall is the moat protecting the castle—except castles don’t have people constantly trying to remote in from coffee shops. This doc helps you track firewall configurations, rules, and changes, so security doesn’t turn into a game of guess-the-port.
🔹 Information Security Policy
The big one. This policy sets the overall expectations for handling and protecting company data. It’s the Holy Grail of IT security documents—referenced in audits, security assessments, and whenever management wants to know “why we can’t just disable MFA.”
🔹 Internet Acceptable Use Policy
Because streaming Netflix in 4K on the office Wi-Fi should not be an IT issue. This policy spells out what’s okay (and what’s definitely not okay) when using company internet, helping prevent security risks, bandwidth hogging, and unexpected visits from HR.
🔹 IT Acceptable Use Policy
Think of this as the Terms & Conditions for using company IT resources—except people actually have to follow it. It covers things like proper workstation usage, software installations, and why Dave from Sales shouldn’t be downloading random Chrome extensions.
🔹 Password Policy
The necessary evil of IT security. This policy enforces password best practices (length, complexity, rotation) and reminds users that “Password123” is not an acceptable choice. Bonus: It helps you shut down complaints about why SSO is “too much effort.”
🔹 Remote Access Policy
For those who insist on working from the beach but still need VPN access. This policy ensures that remote connections are secure, whether it’s through a corporate VPN, RDP, or an approved cloud solution—because shadow IT is not your friend.
🔹 User Account Creation, Approval, Leavers & Movers Policy
A structured approach to onboarding new users, managing permissions, and ensuring that ex-employees don’t keep access forever (looking at you, Bob, who left three years ago but still has an active email account).
🔹 Work From Home Policy
Because “working from home” shouldn’t mean using the company laptop as a coaster for a bowl of soup. This policy lays out security expectations for remote workers—covering everything from encrypted connections to ensuring no one’s sharing company secrets over Alexa.
Each document is a fully editable template, designed to make your life easier. Just fill in the blanks, tailor it to your specific needs, and you’re good to go.
Head over to the governance & Resilience section and you'll find your free Information Security Policy pack there.
4.0 - Free Cyber Incident Response Plan (CIRP)
If you're clients are every the unlucky victim of a cyber-attack, that is not the time to try and build the plan on how to respond and recover. Planning should be done in the good times, when calmer heads prevail.
That’s why we provide you with a Free Incident Response Pack to help your clients plan for the worst with ease.
What’s Inside HighGround’s Free Incident Response Pack?
HighGround’s Incident Response Pack is a triple-threat template set, including:
Incident Response Vision & Mission: Define your clients goals and approach to cyber incident management, so everyone knows what success looks like.
Incident Response Plan (CIRP): This is Incident Response Plan itself and is a well thought out, regularly tested guide on how to deal with a cyber incident in the business, including key contact details, critical asset information, notification parameters and compliance requirements to be adhered to. From the moment an incident is reported to final incident reporting, this document covers it all.
Incident Response Procedure: Set out how your clients employees should identify and report suspected or actual cyber incidents and who to report them to. This procedure is a public document and all employees should know how to find and invoke it.
Each document is a fully editable template, designed to make your life easier. Just fill in the blanks, tailor it to your specific needs, and you’re good to go.
Head over to the governance & Resilience section and you'll find your free Incident Response pack there.
5.0 - Free Standard Operating Procedure (SOP) Template
Whether its a cyber incident or an IT outage (or worse, disaster), having robust standard operating procedures that you regularly review and test are crucial for ensuring you can recover quickly
That’s why HighGround provides a Free Standard Operating Procedure (SOP) Template, designed to help MSPs build comprehensive procedures for recovering clients key systems.
How HighGround’s SOP Template Helps MSPs (And Their Clients)
Saves Time & Effort: Instead of creating SOPs from scratch, HighGround’s template provides a strong foundation that you can build on.
Reduces Errors: When your team follows documented procedures, you reduce the risk of mistakes and miscommunication.
Improves Client Trust: SOPs show clients that you have professional, well-thought-out processes in place.
Simplifies Compliance: Many frameworks, like Cyber Essentials, require documented procedures. HighGround’s template makes meeting these requirements a breeze.
Head over to the governance & Resilience section and you'll find your Free Security Operations Procedure (SOP) Template ready to download.
6.0 - Free SME Decision Maker Guide
An SME Decision Maker Guide is a resource designed to help small and medium-sized enterprise (SME) owners, managers, or executives make informed business decisions. It provides insights, strategies, best practices, and step-by-step guidance on key topics such as cybersecurity, finance, technology adoption, compliance, or business growth.
Importance of an SME Decision Maker Guide:
Simplifies Complex Topics – Breaks down complicated subjects like cybersecurity frameworks, IT investments, or regulatory compliance into easy-to-understand language.
Supports Strategic Decision-Making – Helps SME leaders make informed choices that align with their business goals, financial constraints, and risk management strategies.
Saves Time and Resources – Instead of researching from multiple sources, SMEs get a consolidated guide to streamline decision-making processes.
Enhances Security and Compliance – Many guides focus on cybersecurity and compliance (e.g., Cyber Essentials in the UK), ensuring SMEs protect their data and meet regulatory requirements.
Improves Competitive Advantage – By making smart decisions based on expert advice, SMEs can stay ahead of competitors and optimize their operations.
Reduces Risk – Guides often highlight common pitfalls and how to avoid them, helping SMEs mitigate risks before they become costly problems.
For cybersecurity-focused businesses an SME Decision Maker Guide can be an essential tool to educate and influence potential clients, helping them understand why security is critical and how they can improve their defenses efficiently.
Head over to your clients dashboard and you will find your free SME decision maker guide under 'Downloads'.