Skip to content
🚨 Upcoming webinar: AI and the Future of GRC featuring Ant Stevens and Michael Rasmussen 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Responding to Australia's new critical infrastructure laws
On-demand Webinar

Responding to Australia's new critical infrastruct...

Join industry experts Andrew Robinson, Matthew Chantrell and Ryan Turan to share their insights into how to automate and manage your compliance with A...

Webinars

Unlocking smart value for MSPs: Fro...

On-demand Webinar

Unlocking smart value for MSPs: From assessment to full vCISO services

Join us for a webinar designed for Managed Service Providers (MSPs) to explore how 6clicks can transform your services. ...
date-icon

Jul 17, 2024

location

Virtual

Register Now
A look behind the scenes at the GRC...

On-demand Webinar

A look behind the scenes at the GRC practices of an AI-powered GRC company

Discover the inner workings of 6clicks' Governance, Risk, and Compliance (GRC) practices with our exclusive on-demand we...
date-icon

Jul 12, 2024

location

Virtual

Register Now
IT risk management essentials: Miti...

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...
date-icon

Jun 12, 2024

location

Virtual

Register Now
See all webinars

Latest Answers

How does 6clicks support effective softw...

6clicks supports effective software vulnerability ...

What are the key steps involved in the i...

The internal audit process using 6clicks involves ...

What should be included in an ISO audit ...

An ISO audit checklist for cybersecurity complianc...

{tableName=glossary, name=ISO/IEC 27002 Framework, description= ISO/IEC 27002 is an international standard that provides guidelines for the implementation of an information security management system (ISMS). It is part of a larger set of standards known as the ISO/IEC 27000 series, which provides a comprehensive framework for organizations to manage their information security. The ISO/IEC 27002 framework outlines a set of security controls and best practices that organizations can use to protect their information assets. These controls include physical security, access control, system security, network security, and data security. The framework also provides guidance on how to develop and implement an effective ISMS. The standard is designed to help organizations ensure the confidentiality, integrity, and availability of their information assets, and to comply with applicable laws and regulations., topic=null, hs_path=iso-iec-27002-framework}--
{tableName=glossary, name=Risk, description= Risk is the potential for loss or harm that can be caused by making a decision or taking an action. It is the uncertainty of an outcome or the potential of suffering harm or loss. Risk can be both positive and negative; it can include financial, physical, psychological, and legal risks. Risk can be managed through an assessment of the potential outcomes, the likelihood of each outcome, and the consequences of each outcome. Risk management involves identifying, assessing, and managing risks, as well as developing strategies to minimize or prevent potential losses. Risk management is a critical part of any business, organization, or individual's decision-making process., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1715624292575, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}', 15='{type=list, value=[{id=97620570509, name='Enterprise Risk Management'}]}'}], hs_path=risk}--
{tableName=glossary, name=Data Exfiltration, description= Data exfiltration is the unauthorized transfer of data from a secure system or network to an external location or device. It is a malicious activity typically performed by cybercriminals to steal sensitive information, such as financial data, intellectual property, or personally identifiable information (PII). Data exfiltration can occur through a variety of methods, including malware, phishing, and malicious insiders. Malware is malicious software designed to infiltrate a system and steal data, while phishing involves sending fraudulent emails in an attempt to gain access to the target system or network. Malicious insiders are individuals with authorized access to the system or network who use their access to steal data. Data exfiltration can also be caused by misconfigured systems or networks, which allow malicious actors to gain access to the data without authorization. Regardless of the method used, data exfiltration can have serious consequences for organizations, including financial losses, reputational damage, and compliance violations., topic=null, hs_path=data-exfiltration}--
{tableName=glossary, name=Policy management, description= Policy management is the process of developing, implementing, and maintaining organizational policies, procedures, and guidelines. It is a comprehensive system of setting and enforcing standards and guidelines to ensure that all employees and stakeholders are aware of and comply with the organization’s policies. Policy management includes creating and maintaining a policy document, making sure it is up-to-date, communicating it to stakeholders, and monitoring compliance. It also includes developing an enforcement system to ensure that the policy is followed and that any violations are addressed and corrected. Policy management is an important part of any organization’s risk management strategy, as it helps to ensure that the organization is complying with relevant laws and regulations, and that it is taking steps to protect its employees, customers, and assets., topic=[{id=97620570510, createdAt=1673040885340, updatedAt=1715624381441, path='regulatory-compliance', name='Streamlining Compliance Management: The 6clicks Advantage', 1='{type=string, value=Regulatory Compliance}', 5='{type=string, value=This guide provides an overview of the key principles and strategies for successful compliance management. Learn how to navigate regulatory requirements, mitigate risks, and streamline processes with the help of advanced compliance management solutions. Gain valuable insights to ensure your organization's adherence to laws, regulations, and industry standards while promoting a culture of compliance and achieving operational excellence.}', 2='{type=string, value=This guide provides an overview of the regulations and compliance requirements for businesses in the US, UK, AU and EU. Learn how to stay compliant and protect your business from potential legal issues.}'}], hs_path=policy-management}--
{tableName=glossary, name=Risk Identification, description= Risk identification is the process of recognizing and assessing the potential risks associated with a particular situation, event, or activity. It involves analyzing the environment, identifying potential risks, and assessing the likelihood of their occurrence. Risk identification is a critical component of any risk management program, as it helps to identify the potential risks that could have an impact on a project, organization, or individual. It is important to recognize that risk identification is not a one-time process and should be regularly reviewed and updated as new information becomes available. Risk identification can be done through a variety of methods, such as brainstorming, interviews, surveys, and reviews of historical data. The goal of risk identification is to create a comprehensive list of potential risks that can be used to develop strategies to mitigate or avoid them., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1715624292575, path='enterprise-risk-management', name=' Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value= This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}', 15='{type=list, value=[{id=97620570509, name='Enterprise Risk Management'}]}'}], hs_path=risk-identification}--
{tableName=glossary, name=Data Integrity, description= Data Integrity is the assurance that data is complete, accurate, and reliable throughout its lifecycle. It is the process of ensuring that data is not corrupted, compromised, or altered in any way. Data Integrity is achieved through a combination of technical and administrative measures that prevent unauthorized access to data and protect it from being modified, deleted, or otherwise corrupted. Data Integrity also ensures that data is stored and maintained in its original form, and that any changes made to the data are done in a controlled and secure manner. Data Integrity is essential for the successful operation of any system that relies on data for its functioning. Data Integrity is critical for the accuracy and reliability of data, as well as for the security of data and the protection of information., topic=null, hs_path=data-integrity}--
ISO/IEC 27002 Framework

ISO/IEC 27002 is an international standard that provides guidelines for the implementation of an inf...

Enterprise Risk Management
Risk

Risk is the potential for loss or harm that can be caused by making a decision or taking an action. ...

Data Exfiltration

Data exfiltration is the unauthorized transfer of data from a secure system or network to an externa...

Regulatory Compliance
Policy management

Policy management is the process of developing, implementing, and maintaining organizational policie...

Enterprise Risk Management
Risk Identification

Risk identification is the process of recognizing and assessing the potential risks associated with ...

Data Integrity

Data Integrity is the assurance that data is complete, accurate, and reliable throughout its lifecyc...

eBooks

Revolutionizing GRC with AI: Harnes...

eBook

Revolutionizing GRC with AI: Harnessing the power of LLM and RAG technologies

Download
GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks