Skip to content
🚨 Master Security Compliance: Join our upcoming webinar! 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Microsoft AI FinTech Roadshow - Melbourne
Live Event

Microsoft AI FinTech Roadshow - Melbourne

Discover the future of Financial Services with insights from industry leaders at the Microsoft AI Fintech Roadshow in Melbourne. Join us to explore AI...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=ISO/IEC 27001 Risk Assessment, description= ISO/IEC 27001 Risk Assessment is a systematic process of identifying, evaluating, and responding to risks associated with the use, processing, storage, and transmission of information. It is a process of identifying potential threats, vulnerabilities, and risks to the confidentiality, integrity, availability, and privacy of information and assessing their potential impact. The process includes evaluating the likelihood of a risk occurring, the potential impact of the risk, and the risk response strategies. The goal of the risk assessment is to identify and prioritize risks to ensure that appropriate measures are taken to minimize their impact and to ensure the security of information., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-risk-assessment}--
{tableName=glossary, name=Attribute, description= Attribute: A characteristic or quality of a person, place, or thing that is used to describe or identify it. Attributes can be physical (such as height, weight, eye color, etc.), mental (such as intelligence, creativity, etc.), or emotional (such as kindness, empathy, etc.). Attributes can also refer to the qualities of an object or concept (such as size, shape, color, etc.). Attributes are used to describe or identify something, and can be used to make comparisons and judgments., topic=null, hs_path=attribute}--
{tableName=glossary, name=ISO/IEC 27005 And ISRM, description= ISO/IEC 27005 is an international standard that provides guidance on information security risk management (ISRM). It is designed to help organizations understand, manage, and reduce the risks associated with their information security activities. The standard focuses on the principles and processes of risk management, and provides guidance on the selection and implementation of risk management activities. It also provides guidance on the integration of risk management into the overall management system of an organization. ISO/IEC 27005 is based on the ISO/IEC 27001 standard, which provides a framework for the implementation of information security management systems. The standard is applicable to any organization, regardless of size, type, or sector. It is intended to help organizations identify and manage the risks associated with their information security activities, and to ensure that appropriate measures are taken to protect their information assets. The standard provides guidance on the assessment of risk, the development of risk management plans, and the implementation and monitoring of risk management measures., topic=null, hs_path=iso-iec-27005-and-isrm}--
{tableName=glossary, name=ISO/IEC 27001 Gap Analysis, description= ISO/IEC 27001 Gap Analysis is an assessment of a company’s information security management system (ISMS) in relation to the requirements of the ISO/IEC 27001 standard. The purpose of the gap analysis is to identify any areas in which the ISMS does not meet the requirements of the standard and to provide a plan of action to address any gaps. The gap analysis involves a review of all aspects of the ISMS, including policies, procedures, processes, and technical controls. The gap analysis also includes an assessment of the organization’s level of compliance with the ISO/IEC 27001 standard and other relevant laws and regulations. The results of the gap analysis are used to create a roadmap for the organization to move from its current state to a fully compliant ISMS. The gap analysis is an important step in the process of achieving ISO/IEC 27001 certification., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-gap-analysis}--
{tableName=glossary, name=ISO/IEC 27014, description= ISO/IEC 27014 is an international standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) that provides guidance on the development and implementation of an effective governance framework for information security. The standard outlines a comprehensive set of principles, processes, and practices to ensure the confidentiality, integrity, and availability of information. It emphasizes the importance of risk management, security controls, and the need to ensure that all information security activities are carried out in an organized and systematic manner. ISO/IEC 27014 also outlines the roles and responsibilities of all stakeholders involved in the governance of information security, including the security team, senior management, and the board of directors. Additionally, the standard provides guidance on the development of an information security policy, the implementation of security controls, and the monitoring and reporting of security incidents., topic=null, hs_path=iso-iec-27014}--
{tableName=comparison, name=NIST CSF vs ASD Essential 8, description= The NIST Cybersecurity Framework (CSF) and ASD Essential 8 are two of the most popular frameworks used for cybersecurity. Learn the differences between them., topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1715624266851, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}', 15='{type=list, value=[{id=97620570503, name='NIST Cybersecurity Framework (CSF)'}]}'}], hs_path=nist-cybersecurity-framework-csf-vs-asd-essential-8}--
ISO 27001
ISO/IEC 27001 Risk Assessment

ISO/IEC 27001 Risk Assessment is a systematic process of identifying, evaluating, and responding to ...

Attribute

Attribute: A characteristic or quality of a person, place, or thing that is used to describe or iden...

ISO/IEC 27005 And ISRM

ISO/IEC 27005 is an international standard that provides guidance on information security risk manag...

ISO 27001
ISO/IEC 27001 Gap Analysis

ISO/IEC 27001 Gap Analysis is an assessment of a company’s information security management system (I...

ISO/IEC 27014

ISO/IEC 27014 is an international standard published by the International Organization for Standardi...

NIST Cybersecurity Framework (CSF)
NIST CSF vs ASD Essential 8

The NIST Cybersecurity Framework (CSF) and ASD Essential 8 are two of the most popular frameworks us...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks