The 6clicks Marketplace provides a single source for apps and content that integrate with the core 6clicks GRC platform. The platform also connects businesses with customers and provides a variety of tools and resources to help them succeed.
{tableName=glossary, name=ISO/IEC 27005 And ISRM, description=
ISO/IEC 27005 is an international standard that provides guidance on information security risk management (ISRM). It is designed to help organizations understand, manage, and reduce the risks associated with their information security activities. The standard focuses on the principles and processes of risk management, and provides guidance on the selection and implementation of risk management activities. It also provides guidance on the integration of risk management into the overall management system of an organization. ISO/IEC 27005 is based on the ISO/IEC 27001 standard, which provides a framework for the implementation of information security management systems. The standard is applicable to any organization, regardless of size, type, or sector. It is intended to help organizations identify and manage the risks associated with their information security activities, and to ensure that appropriate measures are taken to protect their information assets. The standard provides guidance on the assessment of risk, the development of risk management plans, and the implementation and monitoring of risk management measures., topic=null, hs_path=iso-iec-27005-and-isrm}--
{tableName=comparison, name=ISO 27001 vs APRA CPS 234, description=
ISO 27001 vs APRA CPS 234: Compare the two leading international information security standards. Learn the differences between ISO 27001 and APRA CPS 234., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
{tableName=glossary, name=SOC 2, description=
SOC 2 is a set of auditing standards developed by the American Institute of Certified Public Accountants (AICPA) to evaluate and validate the security, availability, processing integrity, confidentiality, and privacy of a service organization’s systems and processes. The SOC 2 audit is designed to provide assurance to customers and other stakeholders that the service organization has met the AICPA’s Trust Services Principles and Criteria. The Trust Services Principles are a set of security, availability, processing integrity, confidentiality, and privacy criteria that organizations must meet in order to demonstrate that they have taken the necessary steps to protect their customers’ data. The SOC 2 audit is conducted by a third-party audit firm and is typically conducted annually. The audit report is then made available to customers, partners, and other stakeholders. The SOC 2 audit is an important tool for organizations to demonstrate their commitment to security and data privacy, as well as to provide assurance to customers and other stakeholders that their data is secure and protected., topic=null, hs_path=soc-2}--
{tableName=guides, name=Cybersecurity Risk Management, description=
This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that, topic=null, hs_path=cybersecurity-risk-management}--
{tableName=glossary, name=Attestation of Compliance (AOC), description=
Attestation of Compliance (AOC) is a formal declaration from an organization or individual that confirms that the organization or individual has met all of the necessary requirements to comply with a particular law, regulation, policy, or standard. It is typically used to demonstrate that an organization or individual has taken the necessary steps to ensure that they are in compliance with a particular set of rules or guidelines. An AOC is typically issued by an independent third-party organization or individual, such as a compliance officer or an auditor, and is used to provide evidence of compliance to an organization's stakeholders, regulators, or other interested parties. An AOC can cover a wide range of topics, including financial reporting, health and safety, and data privacy. Additionally, an AOC may contain detailed information about the measures taken to ensure compliance, as well as any corrective actions taken in response to any non-compliance., topic=null, hs_path=attestation-of-compliance-aoc}--
{tableName=glossary, name=AFSL Authorised Representative, description=
An AFSL Authorised Representative is an individual or organisation that has been authorised by an Australian Financial Services Licence (AFSL) holder to provide financial services on their behalf. They are responsible for ensuring that the services they provide comply with the relevant laws, regulations and standards set out by the AFSL holder. They must also be adequately trained and qualified to provide the services they are authorised to provide. AFSL Authorised Representatives are typically required to have an appropriate level of insurance coverage in place to protect their clients from any losses that may occur as a result of their services. They must also adhere to the terms of the AFSL holder's agreement and any other legal requirements., topic=null, hs_path=afsl-authorised-representative}--