Skip to content

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

See all webinars
{tableName=comparison, name=ASD Essential 8 vs PCI-DSS, description=ASD Essential 8 is a cybersecurity framework developed by the Australian government to help protect organizations from cyber threats. , topic=[{id=97620570506, createdAt=1673040885315, updatedAt=1685498674506, path='asd-essential-8', name=' ASD Essential 8 Guide: A Comprehensive Overview', 1='{type=string, value=ASD Essential 8}', 2='{type=string, value= This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help}', 5='{type=string, value=This authoritative guide provides an in-depth look at the ASD Essential 8 (E8), a set of eight measures developed by the Australian Signals Directorate (ASD) to protect organizations from cyber threats. It explores whether the ASD Essential 8 are mandatory or not for your organisations and covers the fundamentals of each of the eight measures, including the maturity levels, how to perform an assessment and implementation guidenace.}'}], hs_path=asd-essential-8-vs-pci-dss}--
{tableName=glossary, name=ISO/IEC 27001 Scope, description= ISO/IEC 27001 Scope is a set of requirements for the implementation of an Information Security Management System (ISMS) that defines the boundaries of the system and its objectives. It is a framework that sets out the scope of the ISMS, the processes and procedures that will be used to manage the security of the organization’s information assets, and the resources that will be used to implement and maintain the system. The scope of the ISMS will be determined by the organization’s risk management process and should include, but not be limited to: the organization’s information assets, the security controls that will be implemented, the roles and responsibilities of personnel, the organizational structure, the procedures to be followed, the documentation and records to be maintained, and the implementation and monitoring of the system. The scope should also include the identification and assessment of risks, the implementation of measures to reduce those risks, the monitoring of the system and its effectiveness, and the continual improvement of the system., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-scope}--
{tableName=glossary, name=Vendor Assessment, description= Vendor Assessment is the process of evaluating potential suppliers and vendors to determine their ability to meet the needs of an organization. This process typically involves analyzing a vendor's performance history, customer service, product quality, pricing, and other factors to determine if they are a suitable partner. Vendor assessments are used to ensure that the vendor provides the best value for the organization, and that the vendor is reliable, dependable, and offers the highest quality products and services. Vendor assessments can also help organizations identify potential risks associated with working with certain vendors and help them select the most suitable vendor for their needs., topic=[{id=97620570526, createdAt=1673040885440, updatedAt=1683947987018, path='vendor-risk-management', name=' Vendor Risk Management: A Guide to Best Practices', 1='{type=string, value=Vendor Risk Management}', 2='{type=string, value= Vendor Risk Management Guide: Learn the fundamentals of vendor risk management and how to identify, assess, and mitigate risks associated with third-party vendors.}', 5='{type=string, value=This Vendor Risk Management Guide provides a comprehensive overview of the key components of vendor risk management. It covers the fundamentals of vendor risk management, including risk identification, assessment, and mitigation strategies. It also provides guidance on the development of a vendor risk management program, including the process for selecting, onboarding, and monitoring vendors. Additionally, this guide provides guidance on the use of technology to automate and streamline the vendor risk management process. Finally, this guide provides a number of best practices for managing vendor risk and ensuring compliance with applicable regulations. With this guide, organizations can create a comprehensive and effective vendor risk management program that ensures the safety of their data and systems.}'}], hs_path=vendor-assessment}--
{tableName=comparison, name=NIST CSF vs ISO 27001, description= Understand the differences between the NIST Cybersecurity Framework (CSF) and ISO 27001, two of the most widely used security frameworks. , topic=[{id=97620570503, createdAt=1673040885296, updatedAt=1683947893762, path='nist-cybersecurity-framework-csf', name=' NIST Cybersecurity Framework: A Comprehensive Guide', 1='{type=string, value=NIST Cybersecurity Framework (CSF)}', 2='{type=string, value= A comprehensive guide to the NIST Cybersecurity Framework (CSF) and how to use it to protect your organization's IT infrastructure and data. Learn best practices and tips to help you improve}', 5='{type=string, value=This authoritative guide provides an overview of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). The guide will provide an in-depth look at the five core functions of the CSF, which are Identify, Protect, Detect, Respond, and Recover. It will also explain the importance of the CSF and how it can help organizations of all sizes to protect their networks and data from cyber threats. The guide will also provide an overview of the various tools and resources available to help organizations implement the CSF, as well as best practices for using the framework to ensure the security of their systems. Finally, the guide will provide a comprehensive look at the various roles and responsibilities associated with the CSF, including the roles of the organization, its employees, and external partners. This guide is an essential resource for any organization looking to protect its networks and data from the ever-evolving cyber threats.}'}], hs_path=nist-cybersecurity-framework-csf-vs-iso-27001}--
{tableName=glossary, name=AFSL Authorised Representative, description= An AFSL Authorised Representative is an individual or organisation that has been authorised by an Australian Financial Services Licence (AFSL) holder to provide financial services on their behalf. They are responsible for ensuring that the services they provide comply with the relevant laws, regulations and standards set out by the AFSL holder. They must also be adequately trained and qualified to provide the services they are authorised to provide. AFSL Authorised Representatives are typically required to have an appropriate level of insurance coverage in place to protect their clients from any losses that may occur as a result of their services. They must also adhere to the terms of the AFSL holder's agreement and any other legal requirements., topic=null, hs_path=afsl-authorised-representative}--
{tableName=glossary, name=ISO/IEC Framework, description= The ISO/IEC Framework is a set of standards and guidelines developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to provide a consistent and reliable approach to the development, implementation, and management of information systems. It is designed to ensure that the systems developed are secure, reliable, and capable of meeting the needs of the organization. The framework is composed of a set of principles and processes that guide the development, implementation, and management of information systems. These principles and processes include security, quality assurance, system design, system development, system maintenance, system evaluation, system optimization, system integration, and system management. The framework also provides guidance on the selection and use of appropriate technologies, and the development and implementation of appropriate policies and procedures. The ISO/IEC framework is an important tool for organizations to ensure that their information systems are reliable, secure, and capable of meeting their business needs., topic=null, hs_path=iso-iec-framework}--

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...