Skip to content
🚨 Upcoming webinar: AI and the Future of GRC featuring Ant Stevens and Michael Rasmussen 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Responding to Australia's new critical infrastructure laws
On-demand Webinar

Responding to Australia's new critical infrastruct...

Join industry experts Andrew Robinson, Matthew Chantrell and Ryan Turan to share their insights into how to automate and manage your compliance with A...

Webinars

Unlocking smart value for MSPs: Fro...

On-demand Webinar

Unlocking smart value for MSPs: From assessment to full vCISO services

Join us for a webinar designed for Managed Service Providers (MSPs) to explore how 6clicks can transform your services. ...
date-icon

Jul 17, 2024

location

Virtual

Register Now
A look behind the scenes at the GRC...

On-demand Webinar

A look behind the scenes at the GRC practices of an AI-powered GRC company

Discover the inner workings of 6clicks' Governance, Risk, and Compliance (GRC) practices with our exclusive on-demand we...
date-icon

Jul 12, 2024

location

Virtual

Register Now
IT risk management essentials: Miti...

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...
date-icon

Jun 12, 2024

location

Virtual

Register Now
See all webinars

Latest Answers

How does 6clicks support effective softw...

6clicks supports effective software vulnerability ...

What are the key steps involved in the i...

The internal audit process using 6clicks involves ...

What should be included in an ISO audit ...

An ISO audit checklist for cybersecurity complianc...

{tableName=glossary, name=Triage, description= Triage is the process of quickly assessing and categorizing patients based on the severity of their medical condition and the resources available for treatment. It is typically used in emergency situations, such as natural disasters or mass casualty incidents, when there are a limited number of medical personnel and resources available. During triage, medical professionals will examine and assess the patient's condition, taking into account factors such as vital signs, the severity of their injuries or illness, and the availability of medical resources. They will then prioritize the patients according to their needs and the resources available, ensuring that those with the most serious conditions are treated first. This process allows medical personnel to provide the best care possible in a timely manner, and can be the difference between life and death in a crisis situation., topic=null, hs_path=triage}--
{tableName=glossary, name=Discretionary Access Control (DAC) Attributes, description= Discretionary Access Control (DAC) attributes are security measures used to control and manage access to computer systems and data. DAC is a type of access control where the user has the authority to decide who can access certain resources or data. The user has the ability to grant or deny access to a resource or data based on their own discretion. This type of control is commonly used in organizations to help protect sensitive data and systems from unauthorized access. DAC attributes are typically associated with user accounts and can be used to set rules and restrictions on who can access certain resources or data. For example, a user account may be set up with a DAC attribute that only allows certain users to access certain data or resources. This type of control helps ensure that only authorized users have access to the resources and data that they need., topic=null, hs_path=discretionary-access-control-dac-attributes}--
{tableName=glossary, name=Information Asset, description= An information asset is a resource that has value to an individual, organization, or government. It can be tangible or intangible, and may include physical assets (such as computers, networks, and storage devices), intellectual property (such as software, patents, and copyrights), or data (such as customer records, financial information, and employee records). Information assets can also include digital assets, such as websites, mobile applications, and social media accounts. Information assets are essential to organizations, as they provide the foundation for making informed decisions, creating competitive advantages, and providing value to stakeholders. As such, they must be protected, managed, and optimized to ensure their continued use and benefit., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=information-asset}--
{tableName=glossary, name=Compliance Management, description= Compliance Management is the practice of ensuring that an organization is adhering to all applicable laws, regulations, standards, and ethical practices. It involves developing and implementing policies and procedures to ensure that the organization is in compliance with applicable laws, regulations, standards, and ethical practices. It also involves monitoring and enforcing the policies and procedures, conducting regular audits and reviews, and providing training and guidance to employees to ensure that they are in compliance. Compliance Management is an important part of any organization's overall risk management strategy and helps to ensure that the organization is operating in a safe and compliant manner., topic=null, hs_path=compliance-management}--
{tableName=glossary, name=Risk Management Standards, description= Risk Management Standards are a set of guidelines that provide organizations with a framework to identify, assess, and manage potential risks to their operations. These standards help to ensure that organizations are taking appropriate measures to prevent and mitigate risks that could result in financial, operational, or reputational damage. Risk management standards typically include components such as risk assessment, risk control, risk monitoring, and risk communication. Risk assessment involves identifying and analyzing potential risks, while risk control involves taking steps to reduce the likelihood of risks occurring. Risk monitoring involves tracking and monitoring the effectiveness of risk control measures, and risk communication involves informing key stakeholders of the risks and risk control measures. Risk management standards help to ensure that organizations are taking the necessary steps to protect their operations and reputation., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1715624292575, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}', 15='{type=list, value=[{id=97620570509, name='Enterprise Risk Management'}]}'}], hs_path=risk-management-standards}--
{tableName=glossary, name=IT Audit, description= An IT Audit is an independent review of the information systems and related operations of an organization. It is designed to evaluate the effectiveness of internal controls, ensure compliance with applicable laws and regulations, and identify opportunities for improvement. IT Audits assess the accuracy and completeness of data, the integrity of system security and access controls, the effectiveness of system performance and reliability, the accuracy of system processing, the accuracy and completeness of system documentation, and the accuracy and completeness of system backups and recovery processes. The audit also evaluates the appropriateness of policies and procedures, the effectiveness of the organization’s IT governance framework, the adequacy of risk management processes, and the effectiveness of system change management processes. The audit process typically includes interviews with personnel, review of system documentation, and testing of system controls. The results of the audit are summarized in a report that provides recommendations for improvement and corrective actions., topic=null, hs_path=it-audit}--
Triage

Triage is the process of quickly assessing and categorizing patients based on the severity of their ...

Discretionary Access Control (DAC) Attributes

Discretionary Access Control (DAC) attributes are security measures used to control and manage acces...

Cybersecurity Risk Management
Information Asset

An information asset is a resource that has value to an individual, organization, or government. It ...

Compliance Management

Compliance Management is the practice of ensuring that an organization is adhering to all applicable...

Enterprise Risk Management
Risk Management Standards

Risk Management Standards are a set of guidelines that provide organizations with a framework to ide...

IT Audit

An IT Audit is an independent review of the information systems and related operations of an organiz...

eBooks

Revolutionizing GRC with AI: Harnes...

eBook

Revolutionizing GRC with AI: Harnessing the power of LLM and RAG technologies

Download
GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks