Skip to content
Master Security Compliance: Join our upcoming webinar!

Resources

Curated content for the risk and compliance professional: We cover the latest on cybersecurity, frameworks, risks, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Experience the synergy of cybersecurity and business expertise at UK Cyber Week 2024. Join 6clicks and top industry professionals to collaborate, shar...

On-Demand Webinars

Delivering Hub & Spoke GRC in Distr...

On-demand Webinar

Delivering Hub & Spoke GRC in Distributed & Autonomous Business

Internationally renowned GRC analyst Michael Rasmussen has performed a deep dive on our Hub and Spoke architecture and i...
date-icon

Jan 1, 2023

location

Virtual

Register Now
Using Zero Trust Architecture to Ba...

On-demand Webinar

Using Zero Trust Architecture to Balance Cyber Security Risks

While the concept of "Zero Trust" is not new among enterprises, however, the modern workplace has changed radically in r...
date-icon

Jan 3, 2023

location

Virtual

Register Now
How Can a vCISO Help Protect Your N...

On-demand Webinar

How Can a vCISO Help Protect Your Network?

With the threat landscape growing by the hour, the role of CISO has never been more important. Yet high demand and massi...
date-icon

Jan 5, 2023

location

Virtual

Register Now
See all webinars

Latest Answers

ASD Essential 8

Who has to comply with ASD Essential 8?

What is ASD Essential 8? The Australian Signals Di...

NIST Cybersecurity Framework (CSF)

Is NIST a standard or framework?

What is NIST? NIST, which stands for the National ...

ASD Essential 8

What is the ASD Essential Eight model?

What is the ASD essential eight model? The ASD Ess...

{tableName=glossary, name=Supplier Risk Management, description= Supplier Risk Management is the process of identifying, assessing, and mitigating the risks associated with working with suppliers and other third parties. It involves evaluating the potential risks associated with a supplier’s operations, such as financial stability, quality of goods or services, delivery times, and compliance with regulations, and taking steps to reduce or eliminate those risks. This process also involves maintaining regular communication with suppliers to ensure they are meeting their contractual obligations and to address any issues that arise. Additionally, supplier risk management includes developing policies and procedures to ensure the security of the supplier’s data, as well as monitoring the supplier’s performance on an ongoing basis. By implementing a comprehensive supplier risk management program, organizations can ensure that their suppliers are reliable, trustworthy, and compliant with applicable laws and regulations., topic=null, hs_path=supplier-risk-management}--
{tableName=comparison, name=APRA CPS 234 vs PCI-DSS, description= APRA CPS 234 and PCI-DSS are two important security standards for protecting data and financial systems. Learn the differences and how to comply with both., topic=[{id=97620570527, createdAt=1673040885446, updatedAt=1683947990333, path='apra-cps-234', name=' APRA CPS 234 Guide: Cyber Security Requirements', 1='{type=string, value=APRA CPS 234}', 2='{type=string, value= This guide provides a comprehensive overview of APRA CPS 234, the Australian Prudential Regulation Authority's (APRA) requirements for information security management. Learn how to protect your organisation's data}', 5='{type=string, value=The APRA CPS 234 Guide provides authoritative guidance to help organizations implement effective cybersecurity strategies. Written by the Australian Prudential Regulation Authority (APRA), this guide outlines the essential elements of a cyber security framework and outlines best practices for protecting data and systems from cyber threats. It provides detailed guidance on how to assess risk, implement safeguards, and respond to cyber incidents. The guide also includes information on how to develop policies and procedures, educate staff, and monitor cyber security performance. With this guide, organizations can ensure that their systems are secure and their data is protected.}'}], hs_path=apra-cps-234-vs-pci-dss}--
{tableName=glossary, name=Business Continuity, description= Business Continuity is a comprehensive approach to ensuring that an organization is able to maintain its essential operations and services in the face of any type of disruption or disaster. This includes planning for and responding to any kind of disruption, such as natural disasters, cyber-attacks, power outages, or system failures, and ensuring that the organization is able to quickly and effectively recover from these events. Business Continuity plans involve identifying critical business functions, prioritizing them, and developing strategies to keep them running during a disruption. These plans also include developing plans to back up and restore data, establishing procedures to protect vital records and information, and creating a system to communicate with employees during a disruption., topic=[{id=97620570528, createdAt=1673040885452, updatedAt=1683947994134, path='cybersecurity-risk-management', name=' Cybersecurity Risk Management: A Guide for Businesses', 1='{type=string, value=Cybersecurity Risk Management}', 2='{type=string, value= This guide provides essential information on cyber security risk management, including how to identify, assess, and mitigate risks to your organization's data and systems. Learn how to create a cyber security strategy that}', 5='{type=string, value=This Cybersecurity Risk Management Guide is designed to provide an authoritative overview of the key concepts and processes associated with effective cybersecurity risk management. It provides an introduction to the principles of risk management and the key steps involved in developing a successful risk management plan. It outlines the importance of understanding the threats and vulnerabilities that exist in the digital environment, as well as the steps that can be taken to mitigate these risks. It also discusses the need to develop a culture of security within an organization and the role of leadership in setting the tone for a secure environment. Finally, the guide provides guidance on the selection and implementation of security technologies, as well as the monitoring and review of risk management processes. This guide is an essential resource for anyone looking to understand and manage risks associated with cyber threats.}'}], hs_path=business-continuity}--
{tableName=glossary, name=Vendor Risk Management (VRM), description= Vendor Risk Management (VRM) is an enterprise-wide approach to managing risks associated with third-party vendors. It involves an organization’s proactive identification, assessment, and mitigation of risks posed by vendors. VRM involves a comprehensive review of the vendor’s security and privacy policies, documentation, and processes. It also requires an organization to monitor vendors’ performance on an ongoing basis. This includes evaluating the vendor’s ability to meet requirements, maintain compliance, and adhere to industry standards. VRM also requires organizations to have a clear understanding of the potential risks associated with vendors, including financial, reputational, legal, and operational risks. Finally, VRM requires organizations to develop and maintain a comprehensive vendor risk management program that includes policies and procedures for vendor selection, contract negotiation, and ongoing monitoring., topic=[{id=97620570526, createdAt=1673040885440, updatedAt=1683947987018, path='vendor-risk-management', name=' Vendor Risk Management: A Guide to Best Practices', 1='{type=string, value=Vendor Risk Management}', 2='{type=string, value= Vendor Risk Management Guide: Learn the fundamentals of vendor risk management and how to identify, assess, and mitigate risks associated with third-party vendors.}', 5='{type=string, value=This Vendor Risk Management Guide provides a comprehensive overview of the key components of vendor risk management. It covers the fundamentals of vendor risk management, including risk identification, assessment, and mitigation strategies. It also provides guidance on the development of a vendor risk management program, including the process for selecting, onboarding, and monitoring vendors. Additionally, this guide provides guidance on the use of technology to automate and streamline the vendor risk management process. Finally, this guide provides a number of best practices for managing vendor risk and ensuring compliance with applicable regulations. With this guide, organizations can create a comprehensive and effective vendor risk management program that ensures the safety of their data and systems.}'}], hs_path=vendor-risk-management-vrm}--
{tableName=comparison, name=PCI-DSS vs GDPR, description= PCI-DSS and GDPR are two important security standards that help protect sensitive data. Learn the differences between them and how to ensure compliance., topic=[{id=97620570502, createdAt=1673040885290, updatedAt=1683947890075, path='pci-dss', name=' PCI-DSS: A Guide to Meeting Security Requirements', 1='{type=string, value=PCI-DSS}', 2='{type=string, value=This guide provides an overview of the Payment Card Industry Data Security Standard (PCI-DSS) and the steps to take to ensure compliance with}', 5='{type=string, value=

This comprehensive guide provides a comprehensive overview of the Payment Card Industry Data Security Standard (PCI-DSS), a set of security standards designed to protect cardholder data and reduce the risk of data breaches. It covers the key components of the PCI-DSS, including the 12 requirements, the 6 goals, and the 6 core principles. It also provides a detailed description of the processes, technologies, and tools required to comply with the standard. Furthermore, the guide includes best practices for implementing the standard and provides resources to help organizations stay on top of the latest developments in the industry.

This guide provides a roadmap for achieving PCI-DSS compliance and maintaining a secure environment.

}'}], hs_path=pci-dss-vs-gdpr}--
{tableName=glossary, name=Information Management System, description= An Information Management System is a system of organized procedures and processes used to collect, store, organize, analyze, retrieve, and distribute data and information. It is designed to help users efficiently manage and access data, information, and knowledge. It typically includes a combination of hardware, software, and other technologies, such as databases, networks, and cloud computing, to provide users with secure access to the data they need. An Information Management System is used to improve the efficiency of business operations, streamline processes, reduce costs, and improve customer service. It can also be used to improve decision-making, communication, collaboration, and productivity., topic=null, hs_path=information-management-system}--
Supplier Risk Management

Supplier Risk Management is the process of identifying, assessing, and mitigating the risks associat...

APRA CPS 234
APRA CPS 234 vs PCI-DSS

APRA CPS 234 and PCI-DSS are two important security standards for protecting data and financial syst...

Cybersecurity Risk Management
Business Continuity

Business Continuity is a comprehensive approach to ensuring that an organization is able to maintain...

Vendor Risk Management
Vendor Risk Management (VRM)

Vendor Risk Management (VRM) is an enterprise-wide approach to managing risks associated with third-...

PCI-DSS
PCI-DSS vs GDPR

PCI-DSS and GDPR are two important security standards that help protect sensitive data. Learn the di...

Information Management System

An Information Management System is a system of organized procedures and processes used to collect, ...

eBooks

GRC Buying Guide

eBook

GRC Buying Guide

In this eBook, we have covered the GRC buying basics including: knowing when to employ a new GRC capability, baseline ex...
Download
Artificial Intelligence and Robust ...

eBook

Artificial Intelligence and Robust Content

Written by 6clicks CISO, Andrew Robinson, this eBook covers the interconnection of Artificial Intelligence and Machine L...
Download
Everything You Need to Know About 6...

eBook

Everything You Need to Know About 6clicks

Learn more about 6clicks as an organization and GRC SaaS provider including a platform overview, our solutions, a deeper...
Download
See all eBooks