Terms: AFSL Authorised Representative; AICPA; Annex A Controls; ASIC; Attestation of Compliance (AOC); Business Continuity Management; Compliance Automation Software; Compliance Risk Management; Cybersecurity Maturity Model Certification (CMMC); FedRAMP; Governance Risk & Compliance (GRC); GDPR; HIPAA; HITRUST; Incident Management; Information Security Management System (ISMS); ISMS Governing Body; ISO 27001; Notifiable Data Breach; OAIC; Policy Management; SOC 1; SOC 2; SOC 3; SOC Reports; SOC Trust Services Criteria (TSC); SSAE 16; SSAE 18; Third Party Risk Management; Vendor Assessment; Vendor Management Policy; Vendor Review; Vulnerability; Vulnerability Management
AFSL Authorised Representative
AICPA is the acronym for the American Institute of Certified Public Accountants. The AICPA is the originator of the SOC (System and Organization Controls)..
Annex A Controls
The Australian Securities and Investments Commission (ASIC) is responsible for licensing financial services providers under the Corporations Act 2001 (Cth) and is..
Attestation of Compliance (AOC)
The Attestation of Compliance is the formal validation document used to demonstrate an entity’s compliance status to interested external parties (Banks,..
Business Continuity Management
Business continuity management is the ongoing process for management to oversee and implement resilience, continuity, and response capabilities to safeguard..
Compliance Automation Software
Compliance automation software monitors a company's internal systems and controls, helping ensure it complies with required standards and regulations while..
Compliance Risk Management
Cybersecurity Maturity Model Certification (CMMC)
The Cybersecurity Maturity Model Certification (CMMC) is a unified standard for implementing cybersecurity across the defense industrial base (DIB), which..
The Federal Risk and Authorization Management Program (FedRAMP) is a US-specific government program that provides a standardised approach to security..
Governance Risk & Compliance (GRC)
Governance, risk, and compliance (GRC) software allows a company to effectively manage its governance, enterprise risk program, and its compliance with..
The General Data Protection Regulation (GDPR) 2016/679 is a regulation in EU law on data protection and privacy in the European Union and the European Economic..
HIPAA is the acronym for the Health Insurance Portability and Accountability Act passed by Congress in 1996. HIPAA helps by:
- Providing the ability to transfer..
HITRUST stands for the Health Information Trust Alliance and was founded in 2007. The standard was organised with the intent to provide an option for..
Incident management is the process of managing activities to detect, analyse, respond to, and remediate an organisation's security posture.
Information Security Management System (ISMS)
ISMS Governing Body
An ISMS governing body is an organizational governance team with management oversight, composed of key members of top management—typically defined as senior..
Notifiable Data Breach
The Office of the Australian Information Commissioner (OAIC) is an independent agency within the Attorney-General’s portfolio. The primary functions include..
Policy management is the process of creating, implementing and maintaining policies and procedures within an organisation. An effective policy management..
A Service Organization Control 1 or SOC 1 report is documentation of the internal controls that are likely to be relevant to an audit of a customer's financial..
Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five "trust service criteria" — security,..
SOC Trust Services Criteria (TSC)
The Trust Services Criteria (formerly Trust Services Principles) are control criteria utilized to evaluate and report on the suitability of the design and..
The Statement on Standards for Attestation Engagements No. 16 (SSAE 16) is a set of auditing standards and guidance published by the Auditing Standards Board..
SSAE 18 is a series of enhancements aimed at increasing the usefulness and quality of SOC reports, now superseding SSAE 16. The changes made to the standard this..
Third Party Risk Management
Third-party risk management is the process of analysing and monitoring risks associated with outsourcing to third-party vendors, suppliers or service..
Vendor Management Policy
A vendor management policy is an important component of an organization's larger compliance risk management strategy. It is a best practice for any..
Vendor review is a process by which an organization can understand the potential risks of utilizing a vendor's product or service, as well as an ongoing..
Mistakes happen, even in the process of building and coding technology. What’s left behind from these mistakes is commonly referred to as a bug. While bugs..