Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

On-demand Webinar

Unlocking smart value for MSPs: From assessment to full vCISO services

Join us for a webinar designed for Managed Service Providers (MSPs) to explore how 6clicks can transform your services. ...

Jul 17, 2024

Virtual

On-demand Webinar

A look behind the scenes at the GRC practices of an AI-powered GRC company

Discover the inner workings of 6clicks' Governance, Risk, and Compliance (GRC) practices with our exclusive on-demand we...

Jul 12, 2024

Virtual

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...

Jun 12, 2024

Virtual

Glossary

ISO/IEC 27001 Back Up Policy

ISO/IEC 27001 is an international standard for information security management that provides a framework for organizations to establish and maintain an effective information security management system (ISMS). It is designed to help organizations protect their information assets, including information stored in digital form, from unauthorized access, use, disclosure, disruption, modification, or destruction. The standard also outlines the requirements for information security policies, procedures, processes, and controls. A Back Up Policy is a set of procedures and processes that are put in place to ensure that all information assets are backed up in a secure and reliable manner. This policy should include the frequency of backups, the type of backups, the location of the backups, the media used for the backups, and the procedures for restoring the backups. The policy should also include the responsibilities of the personnel involved in the backup process and the procedures for testing the backups to ensure that they are recoverable. The standard is designed to help organizations protect their information assets from unauthorized access, use, disclosure, disruption, modification, or destruction.

Related guide: ISO 27001 Guide: A Comprehensive Guide

This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management System (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

Glossary

Cybersecurity Frameworks

Cybersecurity frameworks are sets of best practices and guidelines designed to help organizations of all sizes protect their networks, systems, and data from malicious cyber attacks. These frameworks provide organizations with a set of standards, processes, and procedures to follow in order to identify, detect, prevent, and respond to security incidents. Cybersecurity frameworks can also be used to assess the security posture of an organization, identify areas of improvement, and create a roadmap for implementing security measures. Common frameworks include the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the International Organization for Standardization (ISO) 27000 series, the Center for Internet Security (CIS) Critical Security Controls, and the Cloud Security Alliance (CSA) Security, Trust, and Assurance Registry (STAR).

Related guide: Cybersecurity Risk Management: A Guide for Businesses

This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that

This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks.

It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.

Guide

NIST SP 800-53 Security Guide: Protect Your Data

This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST

This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.

Glossary

ISO/IEC 27001 And ISO/IEC 27002

ISO/IEC 27001 and ISO/IEC 27002 are international standards developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC 27001 is an Information Security Management System (ISMS) standard that provides organizations with a framework for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system. It helps organizations manage the security of assets such as financial information, intellectual property, employee details, or information entrusted to them by third parties. ISO/IEC 27002 is a code of practice for information security management that provides guidelines for the selection, implementation, and management of security controls to protect information assets. It is based on the Plan-Do-Check-Act (PDCA) cycle and provides advice on the best practices for managing information security. It is designed to be used in conjunction with ISO/IEC 27001, but can also be used as a standalone guide.

Related guide: ISO 27001 Guide: A Comprehensive Guide

Glossary

ISO/IEC Certification Meaning

ISO/IEC certification is a formal recognition that a product, process or service meets a set of standards and criteria as established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). This certification is issued by an independent third-party organization that has been accredited by the ISO and IEC to assess and certify products, processes and services. ISO/IEC certification is a way to demonstrate that a product, process or service meets the standards and requirements of ISO and IEC, and that it has been tested and verified by an accredited third-party organization. ISO/IEC certification is a valuable tool for businesses and organizations, as it helps to ensure that the products, processes or services they provide meet the standards and criteria of ISO and IEC. It also helps to ensure that the products, processes or services are safe and reliable, and that they meet the expectations of customers and other stakeholders.

Glossary

Communication and consultation

Communication and consultation is the process of exchanging information and ideas between two or more people or groups. It involves actively listening to the other person or group, understanding their point of view, and then providing feedback and input to reach a mutual agreement or understanding. Communication and consultation can take place in person, through written documents, or via electronic means. Communication and consultation is essential to any successful relationship, and is especially important in a business setting, where mutual understanding and agreement are essential for the successful completion of tasks and projects.

eBooks

eBook

Revolutionizing GRC with AI: Harnessing the power of LLM and RAG technologies

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...