Skip to content
🚨 Master Security Compliance: Join our upcoming webinar! 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
How to implement an ISMS in 6clicks
On-demand Webinar

How to implement an ISMS in 6clicks

Join us for a live demo with our CSO, Andrew Robinson, as he showcases how our platform can simplify your ISMS implementation..

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=Information Security, description= Information security is the practice of protecting information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a broad term that encompasses a wide range of technologies, processes, and practices designed to protect networks, computers, programs, and data from attack, damage, or unauthorized access. It is also known as cyber security or computer security. Information security is important because it helps protect organizations from data loss, unauthorized access, and other security threats. It also helps organizations protect their customers' information and ensure compliance with applicable laws and regulations. Information security involves the use of a variety of measures to protect data, including encryption, authentication, access control, and data backup. Additionally, organizations must also take steps to ensure that their networks and systems are secure and regularly updated to prevent security breaches., topic=null, hs_path=information-security}--
{tableName=glossary, name=Australian Cyber Security Centre (ACSC), description= The Australian Cyber Security Centre (ACSC) is a government agency that works to protect Australia’s national security interests in cyberspace. It is a joint venture between the Australian Signals Directorate, the Australian Security Intelligence Organisation, the Australian Federal Police, and the Department of Home Affairs. The ACSC works to protect Australia’s national security interests in cyberspace by providing advice and assistance to government, industry and the public on cyber security. It is responsible for developing strategies to protect Australia’s critical infrastructure, managing cyber security incidents, and providing advice on how to respond to cyber threats and attacks. The ACSC also works with industry and the public to help them protect their digital assets and reduce their risk of cyber threats. It provides resources and guidance on cyber security best practices, as well as information on current cyber security threats. The ACSC works closely with other government agencies, industry and the public to ensure Australia’s cyber security is maintained and improved., topic=null, hs_path=australian-cyber-security-centre-acsc}--
{tableName=glossary, name=ISO/IEC 27001 Lead Auditor, description= ISO/IEC 27001 Lead Auditor is an individual who has been trained and certified to audit and evaluate an organization’s Information Security Management System (ISMS) against the ISO/IEC 27001 standard. The auditor is responsible for understanding the requirements of the standard, assessing the organization’s ISMS, and providing assurance that the ISMS meets the requirements of the standard. The Lead Auditor is expected to develop an audit plan, conduct the audit, and provide a report of the findings. The Lead Auditor is expected to have a deep understanding of the standard and the organization’s ISMS and must be able to demonstrate the ability to analyze and interpret the results of the audit. The Lead Auditor must also have the skills to communicate effectively with the organization’s management and staff, and to make recommendations for improvement., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-lead-auditor}--
{tableName=glossary, name=Statement Of Applicability (SOA), description= A Statement of Applicability (SOA) is a document that outlines the security controls and measures that an organization has implemented to protect its information systems and data assets. It is used to provide evidence of the organization's commitment to security and compliance. It typically includes a list of applicable security controls and measures, along with a description of how they are implemented and monitored. The SOA also includes a description of the organization's security policies, procedures, and guidelines, as well as any applicable laws and regulations. The SOA is typically reviewed and updated on a regular basis to ensure that the organization's security measures remain up to date and relevant., topic=[{id=97620570504, createdAt=1673040885302, updatedAt=1715643465064, path='information-security-management-system', name=' ISMS Guide: Info Security Mgmt System Overview', 1='{type=string, value=Information Security Management System (ISMS)}', 2='{type=string, value= This authoritative guide provides a comprehensive overview of Information Security Management Systems (ISMS). It covers the fundamentals of ISMS, as well as best practices for implementing an effective ISMS. It also}', 5='{type=string, value=This guide provides a comprehensive overview of Information Security Management Systems (ISMS), which are designed to protect organizations from the risks for which information security, cybersecurity and privacy protection are required. It covers the fundamentals of ISMS, including the components of an ISMS, the process of implementing an ISMS, and the various requirements and standards associated with ISMS. It also covers the different types of security threats, the best practices for mitigating them, and the importance of having a robust ISMS in place. Finally, this guide provides practical advice on how to design and implement an effective ISMS, as well as how to maintain it over time. With this guide, readers will gain a deeper understanding of how to protect their organizations from cyber threats and ensure their data is secure.}', 15='{type=list, value=[{id=97620570504, name='Information Security Management System (ISMS)'}]}'}], hs_path=statement-of-applicability-soa}--
{tableName=guides, name=Australian Financial Services Compliance, description= This guide provides an overview of Australian Financial Services Compliance, including the regulatory framework and key compliance requirements. Get informed and stay up-to-date with the latest in financial services compliance., topic=[{id=97620570511, createdAt=1673040885347, updatedAt=1715624395980, path='australian-financial-services-compliance', name=' Australian Financial Services: Compliance Guide', 1='{type=string, value=Australian Financial Services Compliance}', 2='{type=string, value= This guide provides an overview of Australian Financial Services Compliance, including the regulatory framework and key compliance requirements. Get informed and stay up-to-date with the latest in financial services compliance.}', 5='{type=string, value=This guide provides an authoritative overview of the compliance requirements for financial services companies in Australia. It covers the regulations and guidelines under the Australian Securities and Investments Commission (ASIC), the Australian Prudential Regulation Authority (APRA) and other relevant legislation. It explains the obligations of financial services companies, their directors and officers, and their customers. It also provides guidance on how to meet compliance requirements, including the use of internal controls, risk management and other measures. This guide is an essential resource for anyone involved in the Australian financial services industry.}', 15='{type=list, value=[{id=97620570511, name='Australian Financial Services Compliance'}]}'}], hs_path=australian-financial-services-compliance}--
{tableName=glossary, name=NIST SP 800-53 Benefits, description= NIST SP 800-53 Benefits is a set of guidelines developed by the National Institute of Standards and Technology (NIST) to help organizations identify, assess, and manage the security risks associated with their information systems. The goal of the guidelines is to provide organizations with a comprehensive set of best practices to ensure the confidentiality, integrity, and availability of their information systems. The guidelines are organized into four security control domains: security management, access control, system and communications protection, and system and information integrity. The guidelines provide organizations with a framework for assessing their security risks and implementing appropriate security controls to protect their information systems. The NIST SP 800-53 Benefits guidelines are designed to help organizations reduce the cost of security and increase the effectiveness of their security measures. Additionally, the guidelines help organizations ensure compliance with applicable laws and regulations, as well as industry best practices., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1715624498921, path='nist-sp-800-53', name=' NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value= This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}', 15='{type=list, value=[{id=97620570515, name='NIST SP 800-53'}]}'}], hs_path=nist-sp-800-53-benefits}--
Information Security

Information security is the practice of protecting information from unauthorized access, use, disclo...

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) is a government agency that works to protect Australia’s...

ISO 27001
ISO/IEC 27001 Lead Auditor

ISO/IEC 27001 Lead Auditor is an individual who has been trained and certified to audit and evaluate...

Information Security Management System (ISMS)
Statement Of Applicability (SOA)

A Statement of Applicability (SOA) is a document that outlines the security controls and measures th...

Australian Financial Services Compliance
Australian Financial Services Compliance

This guide provides an overview of Australian Financial Services Compliance, including the regulator...

NIST SP 800-53
NIST SP 800-53 Benefits

NIST SP 800-53 Benefits is a set of guidelines developed by the National Institute of Standards and ...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks