The 6clicks Marketplace provides a single source for apps and content that integrate with the core 6clicks GRC platform. The platform also connects businesses with customers and provides a variety of tools and resources to help them succeed.
{tableName=glossary, name=SOC 2 Trust Principles, description=
SOC 2 Trust Principles are a set of criteria used to evaluate and assess the security, availability, processing integrity, confidentiality, and privacy of a service organization’s systems and services. The Trust Principles are based on the American Institute of Certified Public Accountants’ (AICPA) Trust Services Principles and Criteria, which are designed to provide assurance about the security, availability, and privacy of a service organization’s systems and services. The SOC 2 Trust Principles are focused on the security, availability, processing integrity, confidentiality, and privacy of a service organization’s systems, services, and data. The Trust Principles are used to assess the design, implementation, and operating effectiveness of a service organization’s controls, procedures, and systems. The Trust Principles are designed to help service organizations develop, maintain, and demonstrate effective security, availability, processing integrity, confidentiality, and privacy of their systems and services., topic=null, hs_path=soc-2-trust-principles}--
{tableName=glossary, name=Virtual Private Network (VPN), description=
A Virtual Private Network (VPN) is a secure connection between two or more computers, devices, or networks over the internet. It uses encryption technology to protect data and ensure privacy. A VPN creates a tunnel between two computers, allowing them to communicate without being exposed to the public internet. This tunnel is encrypted, so any data sent through it is secure and can’t be intercepted. This makes it ideal for businesses and individuals who need to securely access private networks or send sensitive data over the internet. Additionally, a VPN can be used to bypass geo-restrictions and access content from other countries. It can also be used to prevent ISPs and governments from tracking your online activity., topic=null, hs_path=virtual-private-network-vpn}--
{tableName=guides, name=ISO 27001, description=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
{tableName=glossary, name=Logic Bomb, description=
A logic bomb is a malicious piece of code that is designed to cause damage to a computer system or disrupt its normal operations. It is usually triggered by a specific event or set of conditions, such as a specific date, a particular user action, or the passing of a certain amount of time. Once triggered, the logic bomb can delete data, corrupt files, or cause the system to crash. In some cases, logic bombs can even be used to spread malicious software to other systems. Logic bombs are usually created by skilled hackers or malicious software developers, and are usually difficult to detect and defend against., topic=null, hs_path=logic-bomb}--
{tableName=glossary, name=Malware Vs. Viruses Vs. Worm, description=s
Malware: Malware is a type of software designed to harm or exploit computer systems without the user’s knowledge or consent. It can be used to gain access to sensitive information, steal data, or cause damage to a computer system or network. Common types of malware include viruses, worms, spyware, adware, ransomware, and Trojans.
Viruses: A virus is a type of malware that infects computer systems or networks by replicating itself without the user’s knowledge or consent. It can spread from one computer to another, often via email or malicious websites. Once a virus is installed on a computer, it can cause damage by deleting files, corrupting data, or stealing information.
Worms: A worm is a type of malware that replicates itself across computer networks without the user’s knowledge or consent. Unlike a virus, a worm does not require a host program to spread. It can spread from one computer to another, often via email or malicious websites. Worms can be used to steal data, spread malicious code, or cause damage to a computer system or network., topic=null, hs_path=malware-vs.-viruses-vs.-worm}--
{tableName=glossary, name=ISO/IEC 27005 And ISRM, description=
ISO/IEC 27005 is an international standard that provides guidance on information security risk management (ISRM). It is designed to help organizations understand, manage, and reduce the risks associated with their information security activities. The standard focuses on the principles and processes of risk management, and provides guidance on the selection and implementation of risk management activities. It also provides guidance on the integration of risk management into the overall management system of an organization. ISO/IEC 27005 is based on the ISO/IEC 27001 standard, which provides a framework for the implementation of information security management systems. The standard is applicable to any organization, regardless of size, type, or sector. It is intended to help organizations identify and manage the risks associated with their information security activities, and to ensure that appropriate measures are taken to protect their information assets. The standard provides guidance on the assessment of risk, the development of risk management plans, and the implementation and monitoring of risk management measures., topic=null, hs_path=iso-iec-27005-and-isrm}--