Skip to content
🚨 Master Security Compliance: Join our upcoming webinar! 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Using Zero Trust Architecture to Balance Cyber Security Risks
On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Sec...

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in recent months with the balance ...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=comparison, name=SOC 2 vs APRA CPS 234, description=SOC 2 and APRA CPS 234 are two standards for assessing the security and privacy of cloud services. Learn the differences between them and how they can help., topic=[{id=97620570514, createdAt=1673040885366, updatedAt=1715624490265, path='soc-2', name=' SOC 2 Compliance: A Comprehensive Guide', 1='{type=string, value=SOC 2}', 2='{type=string, value= Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary}', 5='{type=string, value=This comprehensive guide provides an in-depth look at SOC 2, a set of standards used to assess the security, availability, processing integrity, confidentiality, and privacy of a service organization. It is designed to help service organizations understand the requirements of the SOC 2 framework, as well as how to implement and maintain the necessary controls to achieve compliance. This guide provides a detailed overview of the SOC 2 framework, including the five trust principles, the criteria used to evaluate those principles, and the process organizations must go through to become compliant. Additionally, this guide provides best practices for organizations to ensure they remain compliant, as well as advice on how to handle any non-compliance issues that may arise. With this guide, service organizations can gain a better understanding of the SOC 2 framework and how to use it to maintain the security and privacy of their customers' data.}', 15='{type=list, value=[{id=97620570514, name='SOC 2'}]}'}], hs_path=soc-2-vs-apra-cps-234}--
{tableName=glossary, name=ISO/IEC 27002 Security Policy, description= ISO/IEC 27002 Security Policy is a set of guidelines, procedures, and best practices that organizations use to protect their information assets. It is based on a framework of security controls that are designed to reduce the risk of unauthorized access, use, disclosure, disruption, modification, or destruction of information. The security policy outlines the organization’s security objectives and identifies the security controls that will be used to achieve those objectives. The policy also defines the roles and responsibilities of personnel involved in the security process, and outlines the procedures for responding to security incidents. ISO/IEC 27002 Security Policy provides organizations with a comprehensive approach to information security management., topic=null, hs_path=iso-iec-27002-security-policy}--
{tableName=glossary, name=Personally Identifiable Information (PII), description= Personally Identifiable Information (PII) is any data that can be used to identify an individual, either directly or indirectly. This includes, but is not limited to, a person’s name, address, phone number, email address, Social Security number, driver’s license number, passport number, financial account information, biometric data, and any other unique identifier. PII is often collected and stored by organizations, such as employers, banks, and government agencies, for the purpose of providing services, conducting transactions, and maintaining records. It is important to note that PII can also be used for malicious purposes, such as identity theft and fraud. As such, organizations must take steps to ensure that PII is collected, stored, and used responsibly. This includes implementing strong security measures, such as encryption and access control, as well as providing individuals with clear information about how their data is being used., topic=null, hs_path=personally-identifiable-information-pii}--
{tableName=guides, name=Australian Financial Services Compliance, description= This guide provides an overview of Australian Financial Services Compliance, including the regulatory framework and key compliance requirements. Get informed and stay up-to-date with the latest in financial services compliance., topic=[{id=97620570511, createdAt=1673040885347, updatedAt=1715624395980, path='australian-financial-services-compliance', name=' Australian Financial Services: Compliance Guide', 1='{type=string, value=Australian Financial Services Compliance}', 2='{type=string, value= This guide provides an overview of Australian Financial Services Compliance, including the regulatory framework and key compliance requirements. Get informed and stay up-to-date with the latest in financial services compliance.}', 5='{type=string, value=This guide provides an authoritative overview of the compliance requirements for financial services companies in Australia. It covers the regulations and guidelines under the Australian Securities and Investments Commission (ASIC), the Australian Prudential Regulation Authority (APRA) and other relevant legislation. It explains the obligations of financial services companies, their directors and officers, and their customers. It also provides guidance on how to meet compliance requirements, including the use of internal controls, risk management and other measures. This guide is an essential resource for anyone involved in the Australian financial services industry.}', 15='{type=list, value=[{id=97620570511, name='Australian Financial Services Compliance'}]}'}], hs_path=australian-financial-services-compliance}--
{tableName=guides, name=ISO 27001, description=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-27001}--
{tableName=glossary, name=ISO/IEC 27001 And ISO/IEC 27002, description= ISO/IEC 27001 and ISO/IEC 27002 are international standards developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC 27001 is an Information Security Management System (ISMS) standard that provides organizations with a framework for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system. It helps organizations manage the security of assets such as financial information, intellectual property, employee details, or information entrusted to them by third parties. ISO/IEC 27002 is a code of practice for information security management that provides guidelines for the selection, implementation, and management of security controls to protect information assets. It is based on the Plan-Do-Check-Act (PDCA) cycle and provides advice on the best practices for managing information security. It is designed to be used in conjunction with ISO/IEC 27001, but can also be used as a standalone guide., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-and-iso-iec-27002}--
SOC 2
SOC 2 vs APRA CPS 234

SOC 2 and APRA CPS 234 are two standards for assessing the security and privacy of cloud services. L...

ISO/IEC 27002 Security Policy

ISO/IEC 27002 Security Policy is a set of guidelines, procedures, and best practices that organizati...

Personally Identifiable Information (PII)

Personally Identifiable Information (PII) is any data that can be used to identify an individual, ei...

Australian Financial Services Compliance
Australian Financial Services Compliance

This guide provides an overview of Australian Financial Services Compliance, including the regulator...

ISO 27001
ISO 27001

This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, ...

ISO 27001
ISO/IEC 27001 And ISO/IEC 27002

ISO/IEC 27001 and ISO/IEC 27002 are international standards developed by the International Organizat...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks