Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

Delivering Hub & Spoke GRC in Distributed & Autonomous Business
On-demand Webinar
Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
Date: Jan 1, 2023
Location: Virtual

Using Zero Trust Architecture to Balance Cyber Security Risks
On-demand Webinar
While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...
Date: Jan 3, 2023
Location: Virtual

How Can a vCISO Help Protect Your Network?
On-demand Webinar
With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
Date: Jan 5, 2023
Location: Virtual

Glossary and Comparisons

Vendor Assessment (glossary)
Vendor Assessment is the process of evaluating potential suppliers and vendors to determine their ability to meet the needs of an organization. This process typically involves analyzing a vendor's performance history, customer service, product quality, pricing, and other factors to determine if they are a suitable partner. Vendor assessments are used to ensure that the vendor provides the best value for the organization, and that the vendor is reliable, dependable, and offers the highest quality products and services. Vendor assessments can also help organizations identify potential risks associated with working with certain vendors and help them select the most suitable vendor for their needs.
Related guide: Vendor Risk Management: A Guide to Best Practices. This Vendor Risk Management Guide provides a comprehensive overview of the key components of vendor risk management. It covers the fundamentals of vendor risk management, including risk identification, assessment, and mitigation strategies. It also provides guidance on the development of a vendor risk management program, including the process for selecting, onboarding, and monitoring vendors. Additionally, this guide provides guidance on the use of technology to automate and streamline the vendor risk management process. Finally, this guide provides a number of best practices for managing vendor risk and ensuring compliance with applicable regulations. With this guide, organizations can create a comprehensive and effective vendor risk management program that ensures the safety of their data and systems.

GDPR vs NIST SP 800-53 (comparison)
GDPR and NIST SP 800-53 are two of the most important regulations for data privacy and security. Learn more about the differences between.
Related guide: GDPR: A Comprehensive Guide to Compliance. This GDPR Guide provides a comprehensive overview of the European Union's General Data Protection Regulation (GDPR). It covers the full scope of the GDPR, including its purpose, scope, definitions, principles, rights, obligations, enforcement, and more. It also provides practical advice on how to comply with the GDPR, including best practices for data protection, data security, and data management. This guide is an essential resource for any organization that collects, stores, or processes personal data.

DPIS Stages (glossary)
A DPIS (Data Processing and Information System) Stage is a set of activities that are used to acquire, process, store and analyze data in order to generate information that can be used to make decisions. The stages are usually divided into four categories: data acquisition, data processing, data storage and data analysis. Data acquisition involves collecting data from various sources, such as surveys, interviews, and databases. Data processing involves formatting and organizing the data into a usable format. Data storage involves storing the data in a secure and efficient manner. Finally, data analysis involves using the data to generate insights and inform decisions.

SSAE 16 (glossary)
Statement on Standards for Attestation Engagements (SSAE) No. 16 is an attestation standard issued by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA). It replaces the previous standard, Statement on Auditing Standards (SAS) No. 70, and is used by service organizations to demonstrate their internal controls, processes, and systems are suitably designed and operating effectively. SSAE 16 is a service auditor's attestation that a service organization has been through an in-depth evaluation of their control objectives and control activities, and the results of that evaluation have been reported. It requires the service auditor to obtain an understanding of the service organization's control environment, assess the risk of material misstatement, test the operating effectiveness of the controls, and obtain sufficient appropriate evidence to support the opinion on the design and operating effectiveness of the controls. SSAE 16 also requires management of the service organization to provide written assertions regarding the design and operating effectiveness of the controls. The service auditor must then evaluate the evidence obtained and the assertions made by management, and provide a report that expresses an opinion on the fairness of the presentation of the description of the service organization's system, and the suitability of the design and operating effectiveness of the controls.

GDPR vs PCI-DSS (comparison)
GDPR and PCI-DSS are two data privacy and security standards. Learn about their differences and how to comply with both.
Related guide: GDPR: A Comprehensive Guide to Compliance.

ISO/IEC Standards List (glossary)
ISO/IEC Standards List is an international standard-setting body composed of representatives from various national standards organizations. It develops and publishes international standards for information technology and communications technologies, including software, computer hardware, and telecommunications. These standards are intended to ensure interoperability and compatibility between different systems, products, and services, and to ensure that information can be exchanged securely and reliably. The standards are developed through a consensus-based process involving experts from around the world. The standards are updated regularly to keep pace with technological advancements and changing needs.

eBooks

GRC Buying Guide
eBook
In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

Artificial Intelligence and Robust Content
eBook
Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

Everything You Need to Know About 6clicks
eBook
Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...