Skip to content
🚨 6clicks receives ISO 42001 certification for its AI Management System 🚨

Resources

Curated content for the cyber, risk and compliance professional: We cover the latest on cybersecurity, frameworks, risk, and compliance trends.

Show filters
All
Answers
Framework comparisons
Events
Glossary
Guides
Analyst research
eBooks
Datasheets
Pitch decks
6clicks product roadshow: Discover the latest updates
On-demand Webinar

6clicks product roadshow: Discover the latest upda...

Join the 6clicks Product Roadshow to discover the latest updates! Explore new Continuous Control Monitoring integrations with Wiz and Microsoft Defend...

Webinars

6clicks product roadshow: Discover ...

On-demand Webinar

6clicks product roadshow: Discover the latest updates

Gain exclusive insights into the latest advancements on the 6clicks platform, starting with our integration with Wiz and...
date-icon

Oct 31, 2024

location

Virtual

Register Now
Reducing cost and complexity of GRC...

On-demand Webinar

Reducing cost and complexity of GRC with CyberCX

Join Andrew Robinson, CISO & Co-Founder of 6clicks, and Belinda Edwards, Manager - Governance, Risk, and Compliance of C...
date-icon

Sep 19, 2024

location

Virtual

Register Now
6clicks Hub & Spoke: Smart GRC solu...

On-demand Webinar

6clicks Hub & Spoke: Smart GRC solution for enterprise needs

Explore how 6clicks' unique Hub & Spoke deployment architecture streamlines cyber GRC management for federated enterpris...
date-icon

Sep 2, 2024

location

Virtual

Register Now
See all webinars

Latest Answers

Information Security Registered Assessors Program (IRAP)

What is the information security registe...

What is IRAP? The Information Security Registered ...

Defence Industry Security Program (DISP)

What are the 5 levels of security cleara...

What is security clearance? Security clearance is ...

How does 6clicks support effective softw...

6clicks supports effective software vulnerability ...

{tableName=glossary, name=ISO/IEC Accreditation, description= ISO/IEC accreditation is an internationally recognized standard for the evaluation of organizations that provide certification services. It is a process of assessing the competence of an organization to provide certification services, including the processes and procedures used to ensure that certification is conducted in accordance with the relevant international standards. In order to be accredited, an organization must demonstrate that it has the necessary technical and organizational infrastructure, personnel, and resources to perform certification activities in accordance with the requirements of the relevant international standards. ISO/IEC accreditation is issued by a recognized accreditation body, such as the International Accreditation Forum (IAF). Accreditation is an important part of the certification process, as it ensures that certified products and services meet the required standards and are of the highest quality., topic=null, hs_path=iso-iec-accreditation}--
{tableName=comparison, name=GDPR vs ISO 27001, description= Understand the differences between GDPR and ISO 27001 - two important compliance regulations. Learn how they protect data and how they complement each other., topic=[{id=97620570523, createdAt=1673040885422, updatedAt=1715624542336, path='gdpr', name=' GDPR: A Comprehensive Guide to Compliance', 1='{type=string, value=GDPR}', 2='{type=string, value= This GDPR Guide provides an authoritative overview of the General Data Protection Regulation (GDPR) and how it affects businesses and organizations. It outlines the key principles of the GDPR and provides an}', 5='{type=string, value=This GDPR Guide provides a comprehensive overview of the European Union's General Data Protection Regulation (GDPR). It covers the full scope of the GDPR, including its purpose, scope, definitions, principles, rights, obligations, enforcement, and more. It also provides practical advice on how to comply with the GDPR, including best practices for data protection, data security, and data management. This guide is an essential resource for any organization that collects, stores, or processes personal data.}', 15='{type=list, value=[{id=97620570523, name='GDPR'}]}'}], hs_path=gdpr-vs-iso-27001}--
{tableName=glossary, name=ISO/IEC 27002 Scope, description= ISO/IEC 27002 Scope is the scope of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27002 standard. This standard provides guidance on the selection, implementation, and management of information security controls to protect and secure information assets. The scope of ISO/IEC 27002 covers the management of information security in organizations, including the selection, implementation, and management of information security controls. It is intended to cover all areas of information security, including physical security, personnel security, access control, network security, system security, application security, and data security. The scope of ISO/IEC 27002 is not limited to any particular industry or sector, but is applicable to any organization that stores, processes, transmits, or uses information assets. The scope of ISO/IEC 27002 is also applicable to any organization that is responsible for the security of its own information assets, as well as those of its customers, suppliers, and other stakeholders., topic=null, hs_path=iso-iec-27002-scope}--
{tableName=guides, name=ISO 27017, description=Learn about ISO 27017 and how it helps secure your cloud environment with this comprehensive guide. Ensure compliance and protect your data., topic=[{id=115089008212, createdAt=1683771047406, updatedAt=1715624207054, path='iso-27017', name='ISO 27017: Comprehensive Guide to Cloud Security Standards', 1='{type=string, value=ISO 27017}', 2='{type=string, value=Learn about ISO 27017 and how it helps secure your cloud environment with this comprehensive guide. Ensure compliance and protect your data.}', 5='{type=string, value=

In today's interconnected world, cloud computing has become an integral part of business operations. However, with the numerous advantages of cloud technology, come new challenges in ensuring data security and privacy. ISO/IEC 27017 provides a framework specifically designed to address these concerns. This guide aims to provide a comprehensive overview of ISO 27017, its significance, and practical steps to implement cloud security controls within your organization. 

}', 15='{type=list, value=[{id=115089008212, name='ISO 27017'}]}'}], hs_path=iso-27017}--
{tableName=glossary, name=ISO/IEC 27001 Penetration Testing, description= ISO/IEC 27001 Penetration Testing is a type of security testing that is used to evaluate the security of an organization’s information systems and networks. It is designed to identify, analyze, and report on any vulnerabilities that may exist in an organization’s security infrastructure. The goal of penetration testing is to find, exploit, and help correct any weaknesses in the system before they can be exploited by malicious actors. During a penetration test, an ethical hacker attempts to gain access to an organization’s systems and networks, either by exploiting known vulnerabilities or by using social engineering tactics. The tester then documents and reports on the findings, including any potential risks and recommended countermeasures. The results of the penetration test are then used to develop a comprehensive security plan that can help protect the organization’s systems and data., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name=' ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=

This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.

Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.

This guide is an essential resource for anyone looking to understand and implement ISO 27001.

}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-penetration-testing}--
{tableName=glossary, name=ISO/IEC 27002 Importance, description= ISO/IEC 27002 is an international standard for information security management, which provides best practice recommendations for organizations to implement security controls in order to protect their information assets. The standard is based on the principles of the ISO/IEC 27000 series of standards and provides guidance on the selection, implementation, and management of information security controls. It is an important tool for organizations to ensure that their information assets are adequately protected from unauthorized access, disclosure, destruction, or other unauthorized activities. It can also be used as a reference for organizations to assess their own security posture and identify areas for improvement. The standard is regularly updated to reflect the changing security landscape and new threats., topic=null, hs_path=iso-iec-27002-importance}--
ISO/IEC Accreditation

ISO/IEC accreditation is an internationally recognized standard for the evaluation of organizations ...

GDPR
GDPR vs ISO 27001

Understand the differences between GDPR and ISO 27001 - two important compliance regulations. Learn ...

ISO/IEC 27002 Scope

ISO/IEC 27002 Scope is the scope of the International Organization for Standardization (ISO) and the...

ISO 27017
ISO 27017

Learn about ISO 27017 and how it helps secure your cloud environment with this comprehensive guide. ...

ISO 27001
ISO/IEC 27001 Penetration Testing

ISO/IEC 27001 Penetration Testing is a type of security testing that is used to evaluate the securit...

ISO/IEC 27002 Importance

ISO/IEC 27002 is an international standard for information security management, which provides best ...