Skip to content

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Webinars

IT risk management essentials: Miti...

On-demand Webinar

IT risk management essentials: Mitigate risk & stay secure

With cyber threats constantly evolving, understanding the essentials of IT risk management is crucial for businesses of ...
date-icon

Jun 12, 2024

location

Virtual

Building intelligent vendor risk pr...

On-demand Webinar

Building intelligent vendor risk programs

Discover how to revolutionize your vendor risk management (VRM) processes with 6clicks' comprehensive solution in our on...
date-icon

May 29, 2024

location

Virtual

Mastering Security Compliance

On-demand Webinar

Mastering Security Compliance

Join our webinar to unlock the potential of AI-driven security compliance with 6clicks! Discover how to intelligently au...
date-icon

May 15, 2024

location

Virtual

See all webinars
{tableName=comparison, name=ASD Essential 8 vs SOC 2, description=ASD Essential 8 vs SOC 2: Learn the differences between the Australian Signals Directorate's Essential 8 security strategies and the AICPA's SOC 2 framework, topic=[{id=97620570506, createdAt=1673040885315, updatedAt=1715624279165, path='asd-essential-8', name=' ASD Essential 8 Guide: A Comprehensive Overview', 1='{type=string, value=ASD Essential 8}', 2='{type=string, value= This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help}', 5='{type=string, value=This authoritative guide provides an in-depth look at the ASD Essential 8 (E8), a set of eight measures developed by the Australian Signals Directorate (ASD) to protect organizations from cyber threats. It explores whether the ASD Essential 8 are mandatory or not for your organisations and covers the fundamentals of each of the eight measures, including the maturity levels, how to perform an assessment and implementation guidenace.}', 15='{type=list, value=[{id=97620570506, name='ASD Essential 8'}]}'}], hs_path=asd-essential-8-vs-soc-2}--
{tableName=glossary, name=Compliance Management, description= Compliance Management is the practice of ensuring that an organization is adhering to all applicable laws, regulations, standards, and ethical practices. It involves developing and implementing policies and procedures to ensure that the organization is in compliance with applicable laws, regulations, standards, and ethical practices. It also involves monitoring and enforcing the policies and procedures, conducting regular audits and reviews, and providing training and guidance to employees to ensure that they are in compliance. Compliance Management is an important part of any organization's overall risk management strategy and helps to ensure that the organization is operating in a safe and compliant manner., topic=null, hs_path=compliance-management}--
{tableName=glossary, name=Email Encryption, description= Email Encryption is a security measure used to protect the privacy of email messages. It is a process of using encryption algorithms to scramble the contents of an email message, making it unreadable by anyone except the intended recipient. The encryption process takes the contents of the message, scrambles it using a mathematical algorithm, and produces a ciphertext. The ciphertext is then sent over the internet, where it is decrypted by the intended recipient using a key. Email encryption is a critical component of online security, as it helps protect the confidentiality of sensitive information and prevents unauthorized access to the contents of an email message., topic=null, hs_path=email-encryption}--
{tableName=glossary, name=ISO/IEC 27014, description= ISO/IEC 27014 is an international standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) that provides guidance on the development and implementation of an effective governance framework for information security. The standard outlines a comprehensive set of principles, processes, and practices to ensure the confidentiality, integrity, and availability of information. It emphasizes the importance of risk management, security controls, and the need to ensure that all information security activities are carried out in an organized and systematic manner. ISO/IEC 27014 also outlines the roles and responsibilities of all stakeholders involved in the governance of information security, including the security team, senior management, and the board of directors. Additionally, the standard provides guidance on the development of an information security policy, the implementation of security controls, and the monitoring and reporting of security incidents., topic=null, hs_path=iso-iec-27014}--
{tableName=glossary, name=The Health Insurance Portability and Accountability (HIPAA), description= The Health Insurance Portability and Accountability (HIPAA) is a federal law enacted in 1996 that provides data privacy and security provisions for safeguarding medical information. The law applies to health plans, health care clearinghouses, and those health care providers that conduct certain financial and administrative transactions electronically. The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain financial and administrative transactions electronically. The Privacy Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The HIPAA Security Rule requires covered entities to maintain reasonable and appropriate administrative, physical, and technical safeguards for protecting and securing protected health information. The Security Rule addresses both technical and non-technical safeguards, such as administrative, physical, and technical controls. The HIPAA Enforcement Rule provides the procedures for enforcing the privacy and security provisions of HIPAA. The Enforcement Rule outlines the procedures for investigating and resolving complaints of noncompliance and outlines the penalties for violations of the HIPAA Rules. The HIPAA Breach Notification Rule requires covered entities to provide notification following a breach of unsecured protected health information. The Breach Notification Rule requires covered entities to provide notification to affected individuals, the Secretary of the Department of Health and Human Services (HHS), and, in certain cases, to the media., topic=null, hs_path=the-health-insurance-portability-and-accountability-hipaa}--
{tableName=glossary, name=ISO/IEC Directives Part 2, description= ISO/IEC Directives Part 2 is a set of rules and procedures developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to ensure that standards created by the two organizations are developed and published in a consistent and effective manner. This part of the ISO/IEC Directives sets out the overall structure of the ISO/IEC standards development process, the roles and responsibilities of the various stakeholders, and the procedures for the development, approval, and publication of ISO/IEC standards. It also provides guidance on how to ensure that standards are developed in a transparent and open manner, and that the interests of all stakeholders are taken into consideration. The ISO/IEC Directives Part 2 also outlines the procedures for the review and withdrawal of standards, and the procedures for the registration and maintenance of ISO/IEC standards., topic=null, hs_path=iso-iec-directives-part-2}--

eBooks

GRC 5.0: Explaining the Paradigm Sh...

eBook

GRC 5.0: Explaining the Paradigm Shift in GRC

In this eBook, 6clicks CEO, Anthony Stevens, covers the major paradigm shift in GRC, integrating your risk approach, ma...
GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...