Skip to content

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

See all webinars
{tableName=glossary, name=Information Management System, description= An Information Management System is a system of organized procedures and processes used to collect, store, organize, analyze, retrieve, and distribute data and information. It is designed to help users efficiently manage and access data, information, and knowledge. It typically includes a combination of hardware, software, and other technologies, such as databases, networks, and cloud computing, to provide users with secure access to the data they need. An Information Management System is used to improve the efficiency of business operations, streamline processes, reduce costs, and improve customer service. It can also be used to improve decision-making, communication, collaboration, and productivity., topic=null, hs_path=information-management-system}--
{tableName=glossary, name=Dark Data, description= Dark Data is information that is collected, stored, and processed but never used to make decisions or generate insights. It is data that is not actively analyzed or used for decision-making purposes, and is often stored in silos or repositories that are not easily accessible. Dark Data can include data from various sources such as customer surveys, customer service logs, sales records, financial records, and other sources. It can also include data that is not actively used or analyzed, such as data that has been collected but never used, data that has been collected and stored but never analyzed, or data that has been collected and analyzed but never used to make decisions or generate insights. Dark Data can provide valuable insights when used correctly, but it can also be a source of liability if not properly managed., topic=null, hs_path=dark-data}--
{tableName=glossary, name=Vendor Management Policy, description= A Vendor Management Policy is a set of guidelines and procedures designed to ensure that vendors providing goods and services to an organization are properly managed. The policy outlines the expectations for vendors and the organization’s responsibilities for vendor management. It also provides guidance on how to select, assess, and monitor vendors to ensure successful outcomes. The policy outlines how to manage vendor relationships, how to address performance issues, and how to ensure that vendors meet contractual requirements and organizational standards. The policy should also include guidance on how to manage vendor contracts, how to handle confidential information, and how to ensure compliance with applicable laws and regulations., topic=[{id=97620570526, createdAt=1673040885440, updatedAt=1683947987018, path='vendor-risk-management', name=' Vendor Risk Management: A Guide to Best Practices', 1='{type=string, value=Vendor Risk Management}', 2='{type=string, value= Vendor Risk Management Guide: Learn the fundamentals of vendor risk management and how to identify, assess, and mitigate risks associated with third-party vendors.}', 5='{type=string, value=This Vendor Risk Management Guide provides a comprehensive overview of the key components of vendor risk management. It covers the fundamentals of vendor risk management, including risk identification, assessment, and mitigation strategies. It also provides guidance on the development of a vendor risk management program, including the process for selecting, onboarding, and monitoring vendors. Additionally, this guide provides guidance on the use of technology to automate and streamline the vendor risk management process. Finally, this guide provides a number of best practices for managing vendor risk and ensuring compliance with applicable regulations. With this guide, organizations can create a comprehensive and effective vendor risk management program that ensures the safety of their data and systems.}'}], hs_path=vendor-management-policy}--
{tableName=glossary, name=ISO/IEC Certifications, description= ISO/IEC certifications are a set of international standards for quality assurance and assurance of conformity. These certifications are designed to help organizations demonstrate that they have implemented processes, procedures and systems that meet the requirements of the ISO/IEC standards. ISO/IEC certifications are awarded by independent third-party organizations, such as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The ISO/IEC certifications are based on a set of criteria and requirements, which are designed to ensure that organizations are able to meet the highest level of quality and safety standards. The ISO/IEC certifications are used in a wide range of industries, including manufacturing, healthcare, finance, and information technology. By obtaining ISO/IEC certifications, organizations are able to demonstrate their commitment to quality and safety, while also providing assurance to their customers that their products and services meet the highest standards., topic=null, hs_path=iso-iec-certifications}--
{tableName=comparison, name=APRA CPS 234 vs NIST CSF, description=Compare APRA CPS 234 and NIST CSF to understand the key differences in their approaches to cybersecurity. Learn how each framework can help protect., topic=[{id=97620570527, createdAt=1673040885446, updatedAt=1683947990333, path='apra-cps-234', name=' APRA CPS 234 Guide: Cyber Security Requirements', 1='{type=string, value=APRA CPS 234}', 2='{type=string, value= This guide provides a comprehensive overview of APRA CPS 234, the Australian Prudential Regulation Authority's (APRA) requirements for information security management. Learn how to protect your organisation's data}', 5='{type=string, value=The APRA CPS 234 Guide provides authoritative guidance to help organizations implement effective cybersecurity strategies. Written by the Australian Prudential Regulation Authority (APRA), this guide outlines the essential elements of a cyber security framework and outlines best practices for protecting data and systems from cyber threats. It provides detailed guidance on how to assess risk, implement safeguards, and respond to cyber incidents. The guide also includes information on how to develop policies and procedures, educate staff, and monitor cyber security performance. With this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=apra-cps-234-vs-nist-cybersecurity-framework-csf}--
{tableName=glossary, name=NIST Compliance, description= NIST Compliance is the process of verifying that an organization is adhering to the security standards and guidelines set forth by the National Institute of Standards and Technology (NIST). It involves assessing the organization’s security practices, procedures, and technologies to ensure they meet or exceed the NIST requirements. This includes verifying that the organization has the appropriate policies and procedures in place, that they are following those policies and procedures, and that they have the necessary tools and technologies to protect their networks and data. NIST Compliance also requires organizations to regularly review and update their security practices and technologies to keep up with the ever-changing landscape of cyber threats. By adhering to the NIST standards, organizations can ensure their systems and networks are secure, and that their data is protected., topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1683947893762, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}'}], hs_path=nist-compliance}--

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...