The 6clicks Marketplace provides a single source for apps and content that integrate with the core 6clicks GRC platform. The platform also connects businesses with customers and provides a variety of tools and resources to help them succeed.
{tableName=glossary, name=AFSL Authorised Representative, description=
An AFSL Authorised Representative is an individual or organisation that has been authorised by an Australian Financial Services Licence (AFSL) holder to provide financial services on their behalf. They are responsible for ensuring that the services they provide comply with the relevant laws, regulations and standards set out by the AFSL holder. They must also be adequately trained and qualified to provide the services they are authorised to provide. AFSL Authorised Representatives are typically required to have an appropriate level of insurance coverage in place to protect their clients from any losses that may occur as a result of their services. They must also adhere to the terms of the AFSL holder's agreement and any other legal requirements., topic=null, hs_path=afsl-authorised-representative}--
{tableName=comparison, name=ISO 27001 vs SOC 2, description=
ISO 27001 and SOC 2 are two global standards for information security management. Learn the key differences between them., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
{tableName=glossary, name=Types Of Insider Threat Actors, description=
Types of Insider Threat Actors are individuals or groups of people who have legitimate access to an organization’s resources, networks, and systems, but who use that access to cause harm to the organization or its stakeholders. These individuals are often motivated by financial gain, revenge, or political or ideological beliefs. They may also be motivated by a desire to steal sensitive information, disrupt operations, or damage the organization’s reputation. Types of Insider Threat Actors include malicious insiders, negligent insiders, and compromised insiders. Malicious insiders are those individuals who deliberately use their access to cause harm to the organization or its stakeholders. Negligent insiders are those individuals who unintentionally cause harm due to their lack of security awareness or understanding of the organization’s security policies. Compromised insiders are those individuals who are tricked or coerced into providing access to the organization’s resources, networks, and systems., topic=null, hs_path=types-of-insider-threat-actors}--
{tableName=glossary, name=BS 10012, description=
BS 10012 is a British Standard that provides a framework for organizations to manage and protect personal data. It outlines the requirements for a personal information management system (PIMS) which is designed to ensure the security, integrity and confidentiality of personal data. The standard covers the areas of data governance, data protection, data quality and data security. It provides guidance on how to identify, collect, store, process, use, protect and dispose of personal data. It also outlines the roles and responsibilities of those involved in the management of personal data and provides recommendations for the implementation of a PIMS. BS 10012 is intended to help organizations comply with data protection legislation and to ensure that personal data is handled responsibly and securely., topic=null, hs_path=bs-10012}--
{tableName=glossary, name=Risk Mitigation, description=
Risk mitigation is the process of identifying, assessing, and reducing the potential for negative impacts of risks to an organization's objectives. It involves developing strategies to manage the risks and implementing those strategies to reduce the likelihood of their occurrence and/or the severity of their impact. Risk mitigation strategies can include risk avoidance, risk transfer, risk sharing, risk reduction, risk acceptance, and risk control. Risk avoidance involves eliminating or avoiding activities or situations that could result in the risk. Risk transfer involves transferring the risk to another party, such as an insurance company, who will assume the risk in exchange for a fee. Risk sharing involves sharing the risk between parties, such as when two companies form a joint venture. Risk reduction involves reducing the likelihood of the risk occurring or the severity of its impact. Risk acceptance involves accepting the risk and taking no action to reduce it. Risk control involves implementing measures to reduce the risk, such as implementing safety protocols or installing security systems., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1683947919413, path='enterprise-risk-management', name='
Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value=
This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}'}], hs_path=risk-mitigation}--
{tableName=glossary, name=Australian Cyber Security Centre (ACSC), description=
The Australian Cyber Security Centre (ACSC) is a government agency that works to protect Australia’s national security interests in cyberspace. It is a joint venture between the Australian Signals Directorate, the Australian Security Intelligence Organisation, the Australian Federal Police, and the Department of Home Affairs. The ACSC works to protect Australia’s national security interests in cyberspace by providing advice and assistance to government, industry and the public on cyber security. It is responsible for developing strategies to protect Australia’s critical infrastructure, managing cyber security incidents, and providing advice on how to respond to cyber threats and attacks. The ACSC also works with industry and the public to help them protect their digital assets and reduce their risk of cyber threats. It provides resources and guidance on cyber security best practices, as well as information on current cyber security threats. The ACSC works closely with other government agencies, industry and the public to ensure Australia’s cyber security is maintained and improved., topic=null, hs_path=australian-cyber-security-centre-acsc}--