Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...

Date: Jun 12, 2024

Location: Virtual

On-demand Webinar

Building intelligent vendor risk programs

Discover how to revolutionize your vendor risk management (VRM) processes with 6clicks' comprehensive solution in our on...

Date: May 29, 2024

Location: Virtual

On-demand Webinar

Mastering Security Compliance

Join our webinar to unlock the potential of AI-driven security compliance with 6clicks! Discover how to intelligently au...

Date: May 15, 2024

Location: Virtual


Glossary

Internal Environment

The internal environment of an organization refers to the conditions, structures, and factors that exist within the organization and affect its ability to function and reach its objectives. It includes the organization's culture, values, attitudes, communication structure, leadership style, management systems, and employee morale. It also includes the organization's resources, such as its financial resources, physical resources, and human resources. The internal environment of an organization is a key factor in determining its success and failure. It is important that the internal environment is managed and monitored closely to ensure that the organization is working towards its goals and objectives.

Configuration Management Database (CMDB)

A Configuration Management Database (CMDB) is a database that stores and organizes detailed information about the components of an organization's IT infrastructure, including hardware, software, networks, and services. It is used to track and manage changes to the infrastructure, such as upgrades, new installations, and decommissioning of components, as well as to monitor the health and performance of the system. The CMDB is also used to ensure that the IT infrastructure is compliant with organizational policies and regulations. In addition, the CMDB can be used to provide a comprehensive view of the IT environment and its relationships, which can be used for capacity planning, forecasting, and decision making. The CMDB is also used to automate and streamline IT operations, such as incident management and change management. The CMDB is a powerful tool for IT departments to ensure the reliability and availability of their IT infrastructure.

ISO/IEC 27004:2016 Advantages

ISO/IEC 27004:2016 Advantages is a standard that provides guidance on the use of a range of quantitative methods to measure, analyze, and interpret the advantages of an organization's information security management system (ISMS). The standard is based on the ISO/IEC 27001:2013 standard, which provides a framework for the implementation of an ISMS. The ISO/IEC 27004:2016 Advantages standard is designed to help organizations identify, measure, and manage the advantages of their ISMS, and to ensure that the system is being used to its fullest potential. It provides guidance on the selection of metrics and methods for measuring the advantages of an ISMS, as well as on the interpretation of the results. It also provides guidance on the use of risk management and other management tools to ensure that the ISMS is being used effectively. Finally, it provides guidance on how to communicate the results of the measurements and the advantages of the ISMS to the organization.

Domain Name System (DNS)

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates domain names, which can be easily memorized by humans, to the numerical IP addresses needed for the purpose of locating and identifying computer services and devices with the underlying network protocols. The Domain Name System is an essential component of the functionality of the Internet, as it provides a worldwide, distributed directory service. It is responsible for translating domain names into the corresponding IP addresses, as well as providing other information such as mail routing information, and providing a list of available services associated with a domain. The Domain Name System is an integral part of the functionality of the Internet, as it provides a worldwide distributed directory service.

Compliance Risk

Compliance risk is the risk of legal or regulatory sanctions, financial loss, or loss of reputation a business may face as a result of its failure to comply with laws, regulations, codes of conduct, or standards of practice. Compliance risk can arise from a variety of sources, including government regulations, industry standards, contractual obligations, and internal policies. It is important to note that compliance risk is not limited to legal and regulatory requirements, but also includes a company’s ethical and moral obligations. Companies must be aware of and manage their compliance risk in order to protect their brand, reputation, and bottom line. Compliance risk management involves identifying potential compliance risks, assessing their potential impact, and developing strategies to mitigate them. This includes developing policies and procedures to ensure compliance, training staff on the policies, and implementing systems to monitor and report on compliance.

Guides

Responsible AI

This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.

Artificial Intelligence (AI) and Machine Learning (ML) have become integral parts of the modern technological landscape, revolutionizing how we interact with data and automate processes. AI refers to the simulation of human intelligence in machines programmed to think and learn like humans. ML, a subset of AI, focuses on the development of systems that can learn and adapt from experience without being explicitly programmed. This groundbreaking field has led to significant advancements in various sectors, including healthcare, finance, and transportation, enhancing efficiency and opening new frontiers of innovation. The rise of AI has also introduced unique user interactions, reshaping how we engage with technology on a day-to-day basis. Understanding the components of AI solutions, from algorithms to data management, is crucial in leveraging their full potential.

However, with great power comes great responsibility. Responsible AI is a critical concept that emphasizes the ethical, transparent, and accountable use of AI technologies. It seeks to address the potential risks associated with AI, such as privacy concerns, bias in decision-making, and the broader societal impacts. The development and deployment of AI/ML solutions carry inherent risks, demanding careful consideration and management. Real-world incidents involving AI have highlighted the importance of secure and responsible adoption, both by individuals and organizations. This guide will delve into these topics, exploring frameworks like the NIST AI Risk Management Framework (RMF) and ISO 42001, which provide structured approaches for managing AI risks. Additionally, it will discuss the Responsible AI principles set forth by the OECD, which serve as a global benchmark for ensuring that AI systems are designed and used in a manner that respects human rights and democratic values.

eBooks

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...