Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Mastering Security Compliance
Live Webinar

Mastering Security Compliance

Unlock the essentials of Security Compliance with industry experts in our live webinar. Gain valuable insights and strategies for mastering compliance...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=Risk Profile, description= Risk Profile is a term used to describe an individual's or organization's risk tolerance, which is the amount of risk they are willing to take in order to achieve a desired outcome. It is based on the individual's or organization's attitude towards risk and their capacity to bear risk. Risk profiles are used by financial advisors, insurance companies, and other professionals to assess the level of risk an individual or organization is willing to take in order to achieve a desired outcome. Risk profiles are also used to help determine the types of investments or insurance policies that may be suitable for a particular individual or organization. Risk profiles can also be used to determine the amount of money an individual or organization should set aside for contingencies or unexpected events., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1683947919413, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}'}], hs_path=risk-profile}--
{tableName=comparison, name=SOC 2 vs ISO 27001, description=Learn the differences between SOC 2 and ISO 27001 and how they are used to ensure the security of your organization's data. Get an overview of the key features., topic=[{id=97620570514, createdAt=1673040885366, updatedAt=1683947939686, path='soc-2', name=' SOC 2 Compliance: A Comprehensive Guide', 1='{type=string, value=SOC 2}', 2='{type=string, value= Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary}', 5='{type=string, value=This comprehensive guide provides an in-depth look at SOC 2, a set of standards used to assess the security, availability, processing integrity, confidentiality, and privacy of a service organization. It is designed to help service organizations understand the requirements of the SOC 2 framework, as well as how to implement and maintain the necessary controls to achieve compliance. This guide provides a detailed overview of the SOC 2 framework, including the five trust principles, the criteria used to evaluate those principles, and the process organizations must go through to become compliant. Additionally, this guide provides best practices for organizations to ensure they remain compliant, as well as advice on how to handle any non-compliance issues that may arise. With this guide, service organizations can gain a better understanding of the SOC 2 framework and how to use it to maintain the security and privacy of their customers' data.}'}], hs_path=soc-2-vs-iso-27001}--
{tableName=glossary, name=Defence In Depth, description= Defence In Depth is a military strategy which seeks to protect an area from attack by creating multiple layers of defence. It involves a series of mutually supporting defensive positions, often located at different depths within the defensive area. The aim is to force an attacker to penetrate multiple layers of defences, each of which can be used to slow the attackers' progress and buy time for reinforcements to arrive. This strategy can be used to defend a wide variety of areas and assets, including physical locations, networks, and information systems. Defence In Depth is also known as a layered defence, or a multi-tiered defence., topic=null, hs_path=defence-in-depth}--
{tableName=glossary, name=ISO/IEC Standard, description= ISO/IEC Standard is an international standard created by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). These standards provide a set of specifications, guidelines, and best practices for a wide range of products, services, and processes. ISO/IEC standards are designed to ensure that products and services are safe, reliable, and of high quality, and that they are compatible with each other. They also help to ensure that products and services are consistent and of a high quality, regardless of where they are produced or used. ISO/IEC standards are also used to ensure that organizations comply with national and international laws, regulations, and guidelines., topic=null, hs_path=iso-iec-standard}--
{tableName=guides, name=SOC 2, description= Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary, topic=null, hs_path=soc-2}--
{tableName=glossary, name=Vulnerability Management: Securing Your System, description= Vulnerability Management is the process of identifying, assessing, and prioritizing vulnerabilities in an organization’s systems and networks to ensure that risks are minimized and appropriate countermeasures are taken to protect the organization’s assets. It involves detecting, analyzing, and responding to security vulnerabilities in an organization’s IT infrastructure, including hardware, software, and networks. This process also includes the implementation of preventive and corrective measures to ensure that security vulnerabilities are addressed and managed in a timely manner. Vulnerability management requires the use of various tools, processes, and techniques to identify, assess, and mitigate security risks. This includes performing vulnerability scanning and penetration testing, patch management, and configuration management. Additionally, organizations should have policies and procedures in place to ensure that all security vulnerabilities are appropriately identified, assessed, and addressed., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1683947931775, path='vulnerability-management', name=' Vuln Mgmt Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=vulnerability-management}--
Enterprise Risk Management
Risk Profile

Risk Profile is a term used to describe an individual's or organization's risk tolerance, which is t...

SOC 2
SOC 2 vs ISO 27001

Learn the differences between SOC 2 and ISO 27001 and how they are used to ensure the security of yo...

Defence In Depth

Defence In Depth is a military strategy which seeks to protect an area from attack by creating multi...

ISO/IEC Standard

ISO/IEC Standard is an international standard created by the International Organization for Standard...

SOC 2

Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organ...

Vulnerability Management
Vulnerability Management: Securing Your System

Vulnerability Management is the process of identifying, assessing, and prioritizing vulnerabilities ...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks