Logo StartupKit
EN

Training Template Library

Browse Kit's shared library of ready-made certification decks — SOC 2, GDPR, ISO 27001, and HIPAA — and seed a complete program from one.

Why It Matters

Different companies answer to different frameworks. A US health-tech vendor needs HIPAA workforce training; a European SaaS needs GDPR staff-awareness; almost everyone selling B2B eventually needs SOC 2 or ISO 27001. Writing any one of those decks from scratch — the slides, a defensible quiz, a legally sound attestation — is days of work you shouldn’t repeat per framework.

Kit ships a template library: a curated set of complete, audit-ready certification decks you can browse and seed in a couple of clicks. Pick the framework you’re being audited against, answer a few questions about your company, and you have a finished program to refine — not a blank page.

Browsing the Library

From the Training dashboard, click Build from template to open the gallery at /training/templates. The library shows one card per framework, each with its name, a short description, the language, and an approximate slide and question count. Click Use this template on the card you want.

Note

The template library is admin-only. The Build from template link and the gallery are visible to account admins, the same people who author and publish programs. Participants never see it — they only take the training they’re invited to.

The Four Frameworks

Every deck follows the same shape: an ordered set of content slides, a multiple-choice knowledge check, and a sign-off attestation. Each is roughly 12–14 slides plus a knowledge check, with company-specific facts written once as {{ variables }} and filled in from your answers.

Framework Deck covers
SOC 2 The all-hands annual security-awareness and business-continuity deck: phishing, credentials, MFA, device security, data handling, remote work, dependency hygiene, AI tools, incident reporting, and continuity.
GDPR Data-protection staff awareness: the core principles, personal vs. special-category data, lawful basis and consent, data-subject rights, minimization and retention, processors and DPAs, international transfers, privacy by design, and breach handling with the 72-hour duty.
ISO 27001 Information Security Management System (ISMS) awareness: what the ISMS is and why certification matters, the security policy, everyone’s role, risk treatment, information classification, access control, cryptography, clear desk, operations and supplier security, incident reporting, and business continuity.
HIPAA Workforce training for the Privacy Rule and Security Rule: what counts as PHI and ePHI, the minimum-necessary standard, permitted uses and disclosures, patient rights, safeguards for devices and communications, Business Associate Agreements, breach reporting, and secure disposal.

Tip

Not sure which one you need? Pick the framework named in the audit or certification you’re pursuing. If you’re covering general staff security awareness with no specific regime in mind, SOC 2 is the broadest starting point.

Language Selection

Template content (slides, quiz, attestation) is authored in English today. Each card in the gallery is resolved to your account’s language automatically: Kit reads your account’s default_locale, shows the matching variant when one exists, and otherwise falls back to the English deck. More languages are planned — as localized decks are added, the same account setting will surface them with no change on your side.

The gallery chrome — headings, buttons, counts — is already fully localized into every language Kit supports, so the page reads naturally even while the deck content itself is English.

From Template to Program

Picking a deck seeds a complete program, then hands you straight to the smart-template Q&A to make it yours:

  1. Choose — On the gallery, click Use this template for the framework you want. Kit creates a program named after your account and seeds the full deck — every slide, the quiz, and the attestation.
  2. Fill in your specifics — You land on the smart-template questions. Answer a short list about your company (name, password manager, incident contact, and so on); each answer fills the {{ variables }} across every slide and the attestation.
  3. Refine — Review and edit slides, tune the knowledge check, and adjust the attestation text.
  4. Publish — Once the program has at least one slide, a configured quiz, and attestation text, publish it and invite participants.

Each seeded program is independent and tenant-scoped: your content stays yours, and choosing a template never touches other programs.

Re-seeding Is Safe

A program remembers which deck it came from. You can return to the smart-template questions at any time, change an answer, and re-seed. Re-seeding is idempotent — each template slide is matched by its key and updated in place, so re-running never creates duplicates and never clobbers slides you added by hand.

Important

Re-seeding refreshes the template’s own slides, quiz, and attestation from the deck it was seeded from. It always re-seeds that same framework — the deck you originally picked — so switching an answer and re-seeding safely pushes the new value through every template slide while leaving your custom slides untouched.

For AI Agents (MCP)

The library is also reachable over Kit’s MCP tools. training_list_templates returns the available frameworks with their counts for the account’s language, and training_seed_from_template accepts a template parameter (a framework key like soc2, gdpr, iso27001, or hipaa) so an agent can seed the right deck. Omitting the parameter defaults to SOC 2.

Next Steps

Type to search...