Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

IT risk management essentials: Miti...

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...
date-icon

Jun 12, 2024

location

Virtual

Building intelligent vendor risk pr...

On-demand Webinar

Building intelligent vendor risk programs

Discover how to revolutionize your vendor risk management (VRM) processes with 6clicks' comprehensive solution in our on...
date-icon

May 29, 2024

location

Virtual

Mastering Security Compliance

On-demand Webinar

Mastering Security Compliance

Join our webinar to unlock the potential of AI-driven security compliance with 6clicks! Discover how to intelligently au...
date-icon

May 15, 2024

location

Virtual

See all webinars
{tableName=glossary, name=ISO/IEC Cloud Security Standard, description= ISO/IEC Cloud Security Standard is an international standard developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It provides a set of guidelines for organizations to ensure the security of their cloud computing environment. The standard covers a wide range of topics including security requirements, risk management, security architecture, service level agreements, and compliance. It also provides guidance on how to protect cloud assets, such as data, applications, and infrastructure from potential threats. The standard is designed to promote the secure adoption and use of cloud computing technologies by providing organizations with the necessary guidance to ensure their cloud environment is secure., topic=null, hs_path=iso-iec-cloud-security-standard}--
{tableName=glossary, name=ISO/IEC 27102, description= ISO/IEC 27102 is an international standard for privacy information management systems (PIMS) developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). This standard is designed to provide organizations with a framework for developing and implementing a comprehensive privacy program that will protect personal data. The standard provides guidance on the collection, processing, storage, use, disclosure, and disposal of personal data. It also provides guidance on the development of policies and procedures to ensure that organizations are compliant with applicable privacy laws and regulations. The standard includes requirements for the protection of personal data, such as the establishment of a privacy impact assessment (PIA) process, the development of privacy policies and procedures, and the implementation of privacy management systems. In addition, it provides guidance on the use of privacy enhancing technologies (PETs) and the development of privacy education and awareness programs., topic=null, hs_path=iso-iec-27102}--
{tableName=glossary, name=ISO/IEC Directives Part 1, description= ISO/IEC Directives Part 1 is an international standard that provides guidelines for the development, approval, publication, and maintenance of International Standards, Technical Specifications, Technical Reports, and Publicly Available Specifications. It is the main document of the ISO/IEC process for the development and publication of international standards. It outlines the roles and responsibilities of the various entities involved in the process, such as the ISO/IEC members, the ISO/IEC Technical Management Board, the ISO/IEC Central Secretariat, and the ISO/IEC Technical Committees. It also outlines the process for the development of new standards, the review process, and the publication and maintenance process. Furthermore, it provides guidance on the use of the ISO/IEC logo and the ISO/IEC copyright statement. Finally, it outlines the process for the withdrawal, revision, and amendment of existing standards., topic=null, hs_path=iso-iec-directives-part-1}--
{tableName=glossary, name=Security Management, description= Security Management is the process of identifying, assessing, and managing the risks to an organization’s assets, personnel, and operations. It involves the implementation of security policies, procedures, and controls to protect the organization from threats and vulnerabilities. Security Management also involves the identification of potential risks, the development of strategies to mitigate those risks, and the implementation of those strategies to ensure the safety and security of the organization. Security Management is a crucial component of any organization’s overall risk management strategy and is necessary for the protection of personnel, data, and other assets., topic=[{id=97620570504, createdAt=1673040885302, updatedAt=1715750255339, path='information-security-management-system', name=' ISMS Guide: Info Security Mgmt System Overview', 1='{type=string, value=Information Security Management System (ISMS)}', 2='{type=string, value= This authoritative guide provides a comprehensive overview of Information Security Management Systems (ISMS). It covers the fundamentals of ISMS, as well as best practices for implementing an effective ISMS. It also}', 5='{type=string, value=This guide provides a comprehensive overview of Information Security Management Systems (ISMS), which are designed to protect organizations from the risks for which information security, cybersecurity and privacy protection are required. It covers the fundamentals of ISMS, including the components of an ISMS, the process of implementing an ISMS, and the various requirements and standards associated with ISMS. It also covers the different types of security threats, the best practices for mitigating them, and the importance of having a robust ISMS in place. Finally, this guide provides practical advice on how to design and implement an effective ISMS, as well as how to maintain it over time. With this guide, readers will gain a deeper understanding of how to protect their organizations from cyber threats and ensure their data is secure.}', 15='{type=list, value=[{id=97620570504, name='Information Security Management System (ISMS)'}]}'}, {id=97620570528, createdAt=1673040885452, updatedAt=1715624222504, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}', 15='{type=list, value=[{id=97620570528, name='Cybersecurity Risk Management'}]}'}], hs_path=security-management}--
{tableName=glossary, name=Information Security Risk Acceptance, description= Information Security Risk Acceptance is the process of identifying, assessing, and deciding to accept or reject a security risk. It involves a comprehensive assessment of the potential risks associated with a system or process, and the development of a strategy to reduce or eliminate those risks. This process typically includes the evaluation of the potential impact of the risk, the available resources to manage the risk, and the potential cost and benefit of accepting the risk. The ultimate goal of risk acceptance is to ensure that the organization is taking the necessary steps to protect its information assets and operations., topic=null, hs_path=information-security-risk-acceptance}--
{tableName=glossary, name=ISO/IEC 27001 Certified, description= ISO/IEC 27001 Certified is an internationally recognized certification that demonstrates an organization's commitment to information security and data protection. It is a standard that sets out the requirements for an information security management system (ISMS) and is based on a risk management approach. The certification is designed to help organizations protect their information assets, including confidential data and intellectual property, from unauthorized access, use, disclosure, modification, or destruction. The certification process involves an independent audit of an organization's ISMS, which includes assessing the organization's security policies, procedures, and controls. It also requires the organization to demonstrate its commitment to continual improvement of its ISMS. An ISO/IEC 27001 Certified organization is committed to protecting the confidentiality, integrity, and availability of its information assets and is recognized as a leader in information security and data protection., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-certified}--

eBooks

GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...