Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
Responding to Australia's new critical infrastructure laws
On-demand Webinar

Responding to Australia's new critical infrastruct...

Join industry experts Andrew Robinson, Matthew Chantrell and Ryan Turan to share their insights into how to automate and manage your compliance with A...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=COBIT Framework Principles, description= The COBIT Framework Principles are a set of seven guiding principles for the effective governance and management of enterprise IT. The COBIT framework is a comprehensive, widely accepted approach to IT governance and management that provides organizations with the ability to effectively manage IT-related risks and realize the benefits of IT investments. The seven principles are: 1. Meeting Stakeholder Needs: IT should be managed to meet the needs of stakeholders, including customers, regulators, shareholders, and other stakeholders. 2. Covering the Enterprise End-to-End: IT should be managed holistically across the entire enterprise, from strategy to operations. 3. Applying a Single Integrated Framework: IT should be managed using a single integrated framework that incorporates best practices from multiple sources. 4. Enabling a Holistic Approach: IT should be managed in a holistic manner, considering the organization’s overall objectives, strategies, and risks. 5. Separating Governance from Management: IT governance should be separated from IT management, with governance focusing on setting policy and direction, and management focusing on the day-to-day operations. 6. Optimizing Risk vs. Return: IT investments should be managed to optimize the return on investment while managing IT-related risks. 7. Applying the Right Controls: IT should be managed using the appropriate controls to ensure that the organization’s objectives are met., topic=null, hs_path=cobit-framework-principles}--
{tableName=comparison, name=PCI-DSS vs APRA CPS 234, description= Learn the differences between the Payment Card Industry Data Security Standard (PCI-DSS) and the Australian Prudential Regulation Authority's (APRA) CPS 234. , topic=[{id=97620570502, createdAt=1673040885290, updatedAt=1683947890075, path='pci-dss', name=' PCI-DSS: A Guide to Meeting Security Requirements', 1='{type=string, value=PCI-DSS}', 2='{type=string, value=This guide provides an overview of the Payment Card Industry Data Security Standard (PCI-DSS) and the steps to take to ensure compliance with}', 5='{type=string, value=

This comprehensive guide provides a comprehensive overview of the Payment Card Industry Data Security Standard (PCI-DSS), a set of security standards designed to protect cardholder data and reduce the risk of data breaches. It covers the key components of the PCI-DSS, including the 12 requirements, the 6 goals, and the 6 core principles. It also provides a detailed description of the processes, technologies, and tools required to comply with the standard. Furthermore, the guide includes best practices for implementing the standard and provides resources to help organizations stay on top of the latest developments in the industry.

This guide provides a roadmap for achieving PCI-DSS compliance and maintaining a secure environment.

}'}], hs_path=pci-dss-vs-apra-cps-234}--
{tableName=glossary, name=Network, description= A network is a system of interconnected components, such as computers, servers, and other peripherals, that are capable of exchanging data and sharing resources. Networks are typically composed of hardware, such as routers, switches, and cables, as well as software and protocols that allow the components to communicate. Networks can be used for a variety of purposes, such as file sharing, data storage and retrieval, communication, and entertainment. Networks can be local, such as a home or office network, or global, such as the Internet. They can also be wired or wireless. Networks are an essential part of modern life, as they allow us to access information, communicate with others, and collaborate on projects., topic=null, hs_path=network}--
{tableName=comparison, name=SOC 2 vs ASD Essential 8, description=SOC 2 vs ASD Essential 8: Compare the two standards to understand their differences & similarities. Learn which standard is best for your organization., topic=[{id=97620570514, createdAt=1673040885366, updatedAt=1683947939686, path='soc-2', name=' SOC 2 Compliance: A Comprehensive Guide', 1='{type=string, value=SOC 2}', 2='{type=string, value= Compliance SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary}', 5='{type=string, value=This comprehensive guide provides an in-depth look at SOC 2, a set of standards used to assess the security, availability, processing integrity, confidentiality, and privacy of a service organization. It is designed to help service organizations understand the requirements of the SOC 2 framework, as well as how to implement and maintain the necessary controls to achieve compliance. This guide provides a detailed overview of the SOC 2 framework, including the five trust principles, the criteria used to evaluate those principles, and the process organizations must go through to become compliant. Additionally, this guide provides best practices for organizations to ensure they remain compliant, as well as advice on how to handle any non-compliance issues that may arise. With this guide, service organizations can gain a better understanding of the SOC 2 framework and how to use it to maintain the security and privacy of their customers' data.}'}], hs_path=soc-2-vs-asd-essential-8}--
{tableName=glossary, name=Data Protection Impact Assessment (DPIA), description= Data Protection Impact Assessment (DPIA) is a process used to identify, assess, and manage data protection risks within an organization. It is an important tool for organizations to ensure that personal data is processed in accordance with the applicable data protection laws and regulations. A DPIA is a risk-based assessment that helps organizations to identify and mitigate any potential risks associated with the processing of personal data. It is used to evaluate the necessity and proportionality of the processing activities, to identify and assess the potential risks to the rights and freedoms of individuals, and to identify any measures necessary to address those risks. The DPIA should be conducted before the processing of personal data begins and should be updated periodically to ensure that the risks are managed and minimized. The DPIA should include the identification of the data controller and processor, the purpose of the data processing, the categories of personal data to be processed, the recipients of the data, the duration of the data processing, the security measures in place, and the measures taken to protect the rights of the data subjects., topic=null, hs_path=data-protection-impact-assessment-dpia}--
{tableName=glossary, name=End Point Security, description= End Point Security is a form of cyber security that focuses on protecting the individual devices, such as computers, laptops, and mobile devices, that are connected to a network. It encompasses a range of security measures, including antivirus software, firewalls, intrusion detection systems, and encryption, to protect the devices from malicious attacks. End Point Security is important because it helps to protect the data stored on the device from unauthorized access, as well as the device itself from malicious software and other threats. End Point Security also helps to ensure that only authorized users have access to the network and the data stored on it. End Point Security is a key component of any organization's overall security strategy, as it helps to protect the organization's data and assets from external threats., topic=null, hs_path=end-point-security}--
COBIT Framework Principles

The COBIT Framework Principles are a set of seven guiding principles for the effective governance an...

PCI-DSS
PCI-DSS vs APRA CPS 234

Learn the differences between the Payment Card Industry Data Security Standard (PCI-DSS) and the Aus...

Network

A network is a system of interconnected components, such as computers, servers, and other peripheral...

SOC 2
SOC 2 vs ASD Essential 8

SOC 2 vs ASD Essential 8: Compare the two standards to understand their differences & similariti...

Data Protection Impact Assessment (DPIA)

Data Protection Impact Assessment (DPIA) is a process used to identify, assess, and manage data prot...

End Point Security

End Point Security is a form of cyber security that focuses on protecting the individual devices, su...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks