The 6clicks Marketplace provides a single source for apps and content that integrate with the core 6clicks GRC platform. The platform also connects businesses with customers and provides a variety of tools and resources to help them succeed.
{tableName=glossary, name=Money Laundering, description=
Money Laundering is the process of disguising illegally obtained funds so they appear to have been obtained from a legitimate source. It is typically done by transferring the money through a series of transactions and/or accounts to hide its origin. Common techniques used to launder money include structuring, smurfing, layering, and using offshore accounts. Money laundering is a crime in many countries and is used to finance activities such as drug trafficking, terrorism, and organized crime. Money laundering can also be used to hide illegal profits from legitimate businesses, such as tax evasion and embezzlement., topic=null, hs_path=money-laundering}--
{tableName=glossary, name=Nis Directive, description=
NIS Directive is a directive issued by the European Union (EU) in 2018 which aims to improve the security of network and information systems across the EU. It applies to operators of essential services such as energy, transport, banking, healthcare and digital infrastructure, as well as digital service providers. The Directive requires these operators and service providers to take appropriate security measures, such as implementing risk management processes and incident reporting systems, in order to protect their systems and data from cyber-attacks. It also requires Member States to establish national computer security incident response teams and to cooperate with each other in order to ensure the security of network and information systems across the EU. The Directive is a key part of the EU's efforts to ensure a secure and resilient digital environment., topic=null, hs_path=nis-directive}--
{tableName=glossary, name=The Health Insurance Portability and Accountability (HIPAA), description=
The Health Insurance Portability and Accountability (HIPAA) is a federal law enacted in 1996 that provides data privacy and security provisions for safeguarding medical information. The law applies to health plans, health care clearinghouses, and those health care providers that conduct certain financial and administrative transactions electronically. The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain financial and administrative transactions electronically. The Privacy Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The HIPAA Security Rule requires covered entities to maintain reasonable and appropriate administrative, physical, and technical safeguards for protecting and securing protected health information. The Security Rule addresses both technical and non-technical safeguards, such as administrative, physical, and technical controls. The HIPAA Enforcement Rule provides the procedures for enforcing the privacy and security provisions of HIPAA. The Enforcement Rule outlines the procedures for investigating and resolving complaints of noncompliance and outlines the penalties for violations of the HIPAA Rules. The HIPAA Breach Notification Rule requires covered entities to provide notification following a breach of unsecured protected health information. The Breach Notification Rule requires covered entities to provide notification to affected individuals, the Secretary of the Department of Health and Human Services (HHS), and, in certain cases, to the media., topic=null, hs_path=the-health-insurance-portability-and-accountability-hipaa}--
{tableName=comparison, name=ISO 27001 vs ASD Essential 8, description=
ISO 27001 and ASD Essential 8 are two popular frameworks for protecting information and systems. Learn about the key differences and how to use them together., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
{tableName=glossary, name=ISO/IEC 27001 Annex A, description=
ISO/IEC 27001 Annex A is a set of information security controls developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). These controls are designed to help organizations protect their information assets from unauthorized access, use, disclosure, disruption, modification, or destruction. The controls are organized into 14 categories, including Access Control, Asset Management, Business Continuity Management, Cryptography, Human Resources Security, Information Security Incident Management, and Physical and Environmental Security. Each category includes a list of specific controls that organizations can implement to ensure the security of their information assets. The controls are designed to be comprehensive, flexible, and adaptable to the needs of any organization. The Annex also includes guidance on how to implement the controls and measure their effectiveness., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
{tableName=glossary, name=Network Segregation, description=
Network Segregation is the process of separating different types of traffic on a network. It is used to ensure that sensitive information is kept secure by isolating it from other types of traffic. It can be accomplished in a variety of ways, including the use of virtual local area networks (VLANs), firewalls, and network access control lists (ACLs). Network segregation can also be used to limit the amount of traffic that is sent to or from certain areas of a network. This can help to reduce the risk of unauthorized access to sensitive information, as well as to improve network performance by reducing the amount of traffic that needs to be processed by the network., topic=null, hs_path=network-segregation}--