Skip to content
🚨 Upcoming webinar: AI and the Future of GRC featuring Ant Stevens and Michael Rasmussen 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
How to enhance the governance of your company's cyber risk profile
On-demand Webinar

How to enhance the governance of your company's cy...

Our expert panelists Katherine Mansted from CyberXC, Peter Deans from Notwithoutrisk, and Andrew Robinson from 6clicks present their insights on cyber...

Webinars

Unlocking smart value for MSPs: Fro...

On-demand Webinar

Unlocking smart value for MSPs: From assessment to full vCISO services

Join us for a webinar designed for Managed Service Providers (MSPs) to explore how 6clicks can transform your services. ...
date-icon

Jul 17, 2024

location

Virtual

Register Now
A look behind the scenes at the GRC...

On-demand Webinar

A look behind the scenes at the GRC practices of an AI-powered GRC company

Discover the inner workings of 6clicks' Governance, Risk, and Compliance (GRC) practices with our exclusive on-demand we...
date-icon

Jul 12, 2024

location

Virtual

Register Now
IT risk management essentials: Miti...

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...
date-icon

Jun 12, 2024

location

Virtual

Register Now
See all webinars

Latest Answers

How does 6clicks support effective softw...

6clicks supports effective software vulnerability ...

What are the key steps involved in the i...

The internal audit process using 6clicks involves ...

What should be included in an ISO audit ...

An ISO audit checklist for cybersecurity complianc...

{tableName=glossary, name=Thin Client, description= A thin client is a computer or device that relies on a server to perform its computing tasks. It is typically used in an environment where the user accesses applications and data stored on a remote server, rather than on the local machine. Thin clients are typically much less expensive than traditional PCs and are used in a variety of settings, such as government offices, educational institutions, and businesses. They are also used in home networks, where they provide access to shared files and applications. Thin clients are often used in cloud computing environments, where multiple users can access the same applications and data stored on a remote server. Thin clients are typically much more secure than traditional PCs, as they are not able to store data or applications locally., topic=null, hs_path=thin-client}--
{tableName=glossary, name=NIST 800 171, description= NIST 800 171 is a set of standards and guidelines issued by the National Institute of Standards and Technology (NIST) for the protection of Controlled Unclassified Information (CUI) stored or processed on nonfederal information systems and organizations. The standards and guidelines are intended to help protect CUI from unauthorized access, use, disclosure, modification, or destruction in accordance with the Federal Information Security Modernization Act (FISMA) of 2014. The standards and guidelines are based on the NIST Cybersecurity Framework and include requirements for identifying, protecting, detecting, responding to, and recovering from cyber threats. The standards and guidelines also require organizations to have in place a risk management program, which includes risk assessments, security controls, security testing, and incident response plans. Additionally, organizations must have a process for monitoring and reporting on the security of their systems and networks. NIST 800 171 provides organizations with a comprehensive set of security requirements and best practices for protecting CUI., topic=[{id=97620570517, createdAt=1673040885385, updatedAt=1715624508691, path='nist-sp-800-171', name=' NIST SP 800-171 Guide: A Comprehensive Overview', 1='{type=string, value=NIST SP 800-171}', 2='{type=string, value= This guide provides an overview of NIST SP 800-171, a cybersecurity standard for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. Learn about the security}', 5='{type=string, value=The NIST SP 800-171 Guide is an authoritative source of information for organizations looking to ensure the security of their Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations. This guide provides an overview of the security requirements and best practices for protecting CUI, as well as detailed guidance on how to implement these requirements. It covers topics such as user access control, system and network security, incident response, and logging and monitoring. The guide also provides an overview of the NIST Risk Management Framework and the NIST Cybersecurity Framework, and provides detailed guidance on how to use these frameworks to assess and mitigate risk. This guide is an essential resource for organizations looking to ensure the security of their CUI.}', 15='{type=list, value=[{id=97620570517, name='NIST SP 800-171'}]}'}], hs_path=nist-800-171}--
{tableName=glossary, name=Patch Management, description= Patch management is the process of identifying, downloading, testing, and applying patches to software applications and operating systems. It is an essential part of IT security and maintenance, as patches are released to fix security vulnerabilities, improve performance, and address other issues. Patch management involves a cycle of activities, including identifying applicable patches, obtaining and testing the patches, approving or rejecting the patches, and deploying the approved patches. This process is important for keeping systems current, secure, and functioning properly., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value= Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=patch-management}--
{tableName=glossary, name=COBIT Framework Principles, description= The COBIT Framework Principles are a set of seven guiding principles for the effective governance and management of enterprise IT. The COBIT framework is a comprehensive, widely accepted approach to IT governance and management that provides organizations with the ability to effectively manage IT-related risks and realize the benefits of IT investments. The seven principles are: 1. Meeting Stakeholder Needs: IT should be managed to meet the needs of stakeholders, including customers, regulators, shareholders, and other stakeholders. 2. Covering the Enterprise End-to-End: IT should be managed holistically across the entire enterprise, from strategy to operations. 3. Applying a Single Integrated Framework: IT should be managed using a single integrated framework that incorporates best practices from multiple sources. 4. Enabling a Holistic Approach: IT should be managed in a holistic manner, considering the organization’s overall objectives, strategies, and risks. 5. Separating Governance from Management: IT governance should be separated from IT management, with governance focusing on setting policy and direction, and management focusing on the day-to-day operations. 6. Optimizing Risk vs. Return: IT investments should be managed to optimize the return on investment while managing IT-related risks. 7. Applying the Right Controls: IT should be managed using the appropriate controls to ensure that the organization’s objectives are met., topic=null, hs_path=cobit-framework-principles}--
{tableName=glossary, name=Cloud Controls Matrix (CCM) Domains, description= A Cloud Controls Matrix (CCM) Domains is a set of security controls and associated security requirements that are used to ensure the security of cloud-based services, applications, and data. It is a collection of security controls that are designed to protect cloud-based services, applications, and data from unauthorized access, misuse, and loss. The CCM Domains provide a framework for organizations to evaluate the security posture of their cloud-based services, applications, and data, and to ensure that the security controls are implemented to meet the organization's security requirements. The CCM Domains are divided into four main areas: Identity and Access Management, Data Protection, Infrastructure Security, and Application Security. The Identity and Access Management Domain focuses on the security of user accounts and authentication, while the Data Protection Domain focuses on the security of the data stored in the cloud. The Infrastructure Security Domain focuses on the security of the cloud infrastructure, while the Application Security Domain focuses on the security of the applications running on the cloud. The CCM Domains provide organizations with a comprehensive security framework that can be used to ensure the security of their cloud-based services, applications, and data., topic=null, hs_path=cloud-controls-matrix-ccm-domains}--
{tableName=guides, name=ASD Essential 8, description= This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help, topic=[{id=97620570506, createdAt=1673040885315, updatedAt=1715624279165, path='asd-essential-8', name=' ASD Essential 8 Guide: A Comprehensive Overview', 1='{type=string, value=ASD Essential 8}', 2='{type=string, value= This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help}', 5='{type=string, value=This authoritative guide provides an in-depth look at the ASD Essential 8 (E8), a set of eight measures developed by the Australian Signals Directorate (ASD) to protect organizations from cyber threats. It explores whether the ASD Essential 8 are mandatory or not for your organisations and covers the fundamentals of each of the eight measures, including the maturity levels, how to perform an assessment and implementation guidenace.}', 15='{type=list, value=[{id=97620570506, name='ASD Essential 8'}]}'}], hs_path=asd-essential-8}--
Thin Client

A thin client is a computer or device that relies on a server to perform its computing tasks. It is ...

NIST SP 800-171
NIST 800 171

NIST 800 171 is a set of standards and guidelines issued by the National Institute of Standards and ...

Vulnerability Management
Patch Management

Patch management is the process of identifying, downloading, testing, and applying patches to softwa...

COBIT Framework Principles

The COBIT Framework Principles are a set of seven guiding principles for the effective governance an...

Cloud Controls Matrix (CCM) Domains

A Cloud Controls Matrix (CCM) Domains is a set of security controls and associated security requirem...

ASD Essential 8
ASD Essential 8

This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve...

eBooks

Revolutionizing GRC with AI: Harnes...

eBook

Revolutionizing GRC with AI: Harnessing the power of LLM and RAG technologies

Download
GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks