Skip to content

Going further with 6clicks Pixel Perfect

Heather Buker |

May 13, 2022
Going further with 6clicks Pixel Perfect

Contents

It seems as though cyber security compliance requirements are never-ending.

Rightly so - there is an increasing amount at stake. At 6clicks, our mission is to make it easier for businesses and advisors to get on top of these obligations.

Late last year, we released 6clicks Pixel Perfect.  As the name suggests, it is designed to support pixel-perfect style reporting associated with an audit or assessment.

The first cab of the rank for this has been PCI DSS ROC reporting - for those PCI QSA's, you will be aware of the very precise reporting requirements, particularly section 6, that we've now automated for you.

PCI DSS Product Images (4)

Using the same 6clicks Pixel Perfect engine, we have released the following to our 6clicks library of content:

  • ISO/IEC 27001:2013 Annex A Statement of Applicability template;

  • ISM September 2021 SSP Annex template; and

  • ASD Cloud Security Control Matrix September 2021 template.

ISO/IEC 27001:2013 Annex A Statement of Applicability Template

This is a requirement-based assessment with predefined fields to suit an ISO/IEC 27001 Statement of Applicability (SoA).

All 114 ISO/IEC 27001 Annex A controls are available in this template, along with predefined fields to complete.

The predefined fields are:

  • Applicability (yes/no);

  • Justification (long text response);

  • Compliant (yes/no);

  • Documentation reference (short text response); and

  • Implementation notes (long text response).

Experts Guide to ISO 27001 - lilac

ISM September 2021 SSP Annex Template

This is a requirement-based assessment with predefined fields to suit an ISM System Security Plan (SSP) Annex.

All controls from the ISM September 2021 release are available in this template, along with predefined fields to complete.

The predefined fields are:

  • Applicability (yes/no);

  • Justification (long text response);

  • Compliant (yes/no);

  • Documentation reference (short text response); and

  • Implementation notes (long text response).

You can download the ISM requirement-based assessment template and use it as is.

Or you can modify it as you see fit.

 

ASD Cloud Security Control Matrix September 2021 Template

This is a requirement-based assessment with predefined fields to suit an ASD Cloud Security Control Matrix Assessment.

All controls from the ISM September 2021 release are available in this template, along with predefined fields to complete.

The predefined fields are:

  • Outsourcer: Implementation Status (Dropdown)

  • Outsourcer: Implementation Comments (Long Text Response)

  • System: Implementation Status (Dropdown)

  • System: Implementation Comments (Long Text Response)

  • Consumer Implementation Responsibility (Dropdown)

  • Consumer Implementation Guidance (Long Text Response)

All of these are available for advisors to use with their clients or for businesses directly. And of course, if you need to modify it to suit your requirements, that is easy too. 

 

Conclusion

If you want to know how these ISO 27001 controls may relate to those in other frameworks like the NIST Cyber Security Framework or others, you can always get that from Hailey.

If you would like more details on how ISO 27001 will benefit your organization, then contact 6clicks today. Here's how 6clicks automates your ISO 27001 compliance automation, quickly.

How about a whistle-stop tour with one of our 6clicks maestros? Easy, just click the button below and let the good times roll.

All we want to do, every day, is make the world of GRC easier to manage. We can't do that without you, so we hope to hear from you real soon!

Get started with 6clicks





Heather Buker

Written by Heather Buker

Heather has been a technical SME in the cybersecurity field her entire career from developing cybersecurity software to consulting, service delivery, architecting, and product management across most industry verticals. An engineer by trade, Heather specializes in translating business needs and facilitating solutions to complex cyber and GRC use cases with technology. Heather has a Bachelors in Computer Engineering, Masters in Engineering Management, and a Doctorate in Information Technology with a specialization in information assurance and cybersecurity.