
Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...

Jan 1, 2023

Virtual

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, the modern workplace has changed radically in r...

Jan 3, 2023

Virtual

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...

Jan 5, 2023

Virtual

Glossary

Global Regulatory Management

Global Regulatory Management is the process of managing and coordinating the various regulations, policies, and procedures that govern the business activities of an organization on a global scale. It involves the monitoring and assessment of the compliance of an organization’s activities with the applicable laws and regulations, both domestic and international. It also includes the management of the organization’s relationship with its regulatory bodies, such as the FDA and EPA, and other government agencies, as well as the development of strategies for responding to changes in the regulatory environment. Global Regulatory Management is an important part of any organization’s risk management strategy and is essential for the successful operation of a global business.

Glossary

COBIT Framework

COBIT (Control Objectives for Information and Related Technology) is an IT governance framework that provides a comprehensive set of best practices, processes, and procedures for IT management and control. It was developed by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI) to help organizations achieve their business objectives by leveraging IT resources. COBIT enables organizations to align IT strategies with their business objectives by providing an integrated framework of processes, controls, and best practices for the effective management of IT. It covers all aspects of IT management, including planning, acquisition, implementation, operations, and maintenance. COBIT also provides guidance on IT governance, risk management, and compliance. It is a widely accepted and internationally recognized standard for IT governance, and is used by organizations of all sizes and industries.

Comparison

NIST CSF vs ASD Essential 8

The NIST Cybersecurity Framework (CSF) and ASD Essential 8 are two of the most popular frameworks used for cybersecurity. Learn the differences between them.

Related guide: NIST Cybersecurity Framework: A Comprehensive Guide

This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.

Glossary

GDPR Requirements

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that was adopted by the European Union (EU) in April 2016. It is designed to strengthen and unify data protection for individuals within the EU, while also giving individuals greater control over their personal data. The GDPR requirements apply to any organisation, regardless of size or location, that processes the personal data of individuals in the EU. This includes organisations that process data for marketing purposes, as well as those that process data for other purposes such as employee data, customer data, and health data. The GDPR requires organisations to be transparent about how they collect, use, store, and delete personal data, and to ensure that all personal data is processed in a secure and lawful manner. It also requires organisations to provide individuals with the right to access, rectify, erase, or restrict the processing of their personal data, as well as the right to data portability. Additionally, organisations must notify individuals of any data breaches that occur, and must obtain consent from individuals before processing their personal data. Finally, the GDPR requires organisations to appoint a data protection officer and to conduct data protection impact assessments prior to processing any personal data.

Glossary

ISO/IEC Directives Part 2

ISO/IEC Directives Part 2 is a set of rules and procedures developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to ensure that standards created by the two organizations are developed and published in a consistent and effective manner. This part of the ISO/IEC Directives sets out the overall structure of the ISO/IEC standards development process, the roles and responsibilities of the various stakeholders, and the procedures for the development, approval, and publication of ISO/IEC standards. It also provides guidance on how to ensure that standards are developed in a transparent and open manner, and that the interests of all stakeholders are taken into consideration. The ISO/IEC Directives Part 2 also outlines the procedures for the review and withdrawal of standards, and the procedures for the registration and maintenance of ISO/IEC standards.

Glossary

NIST 800 171

NIST 800 171 is a set of standards and guidelines issued by the National Institute of Standards and Technology (NIST) for the protection of Controlled Unclassified Information (CUI) stored or processed on nonfederal information systems and organizations. The standards and guidelines are intended to help protect CUI from unauthorized access, use, disclosure, modification, or destruction in accordance with the Federal Information Security Modernization Act (FISMA) of 2014. The standards and guidelines are based on the NIST Cybersecurity Framework and include requirements for identifying, protecting, detecting, responding to, and recovering from cyber threats. The standards and guidelines also require organizations to have in place a risk management program, which includes risk assessments, security controls, security testing, and incident response plans. Additionally, organizations must have a process for monitoring and reporting on the security of their systems and networks. NIST 800 171 provides organizations with a comprehensive set of security requirements and best practices for protecting CUI.

Related guide: NIST SP 800-171 Guide: A Comprehensive Overview

The NIST SP 800-171 Guide is an authoritative source of information for organizations looking to ensure the security of their Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations. This guide provides an overview of the security requirements and best practices for protecting CUI, as well as detailed guidance on how to implement these requirements. It covers topics such as user access control, system and network security, incident response, and logging and monitoring. The guide also provides an overview of the NIST Risk Management Framework and the NIST Cybersecurity Framework, and provides detailed guidance on how to use these frameworks to assess and mitigate risk. This guide is an essential resource for organizations looking to ensure the security of their CUI.

eBooks

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...