{tableName=glossary, name=Statement Of Applicability (SOA), description=
A Statement of Applicability (SOA) is the document in which an organization records which security controls it has selected to treat its identified information security risks, whether each control is implemented, and the justification for including or excluding it. Under ISO/IEC 27001 the SOA is a mandatory output of the risk treatment process and is compared against the Annex A control set, so every Annex A control must appear either as applicable or as excluded with a stated reason. It typically lists each control, how it is implemented and monitored, and references the supporting policies, procedures, and any legal, regulatory, or contractual requirements that drove its selection. Because auditors use the SOA as the map of the ISMS, it is reviewed and updated whenever the risk assessment changes, and on a regular cycle in any case, so that the documented controls continue to match what is actually in place., topic=[{id=97620570504, createdAt=1673040885302, updatedAt=1715750255339, path='information-security-management-system', name='
ISMS Guide: Info Security Mgmt System Overview', 1='{type=string, value=Information Security Management System (ISMS)}', 2='{type=string, value=
This authoritative guide provides a comprehensive overview of Information Security Management Systems (ISMS). It covers the fundamentals of ISMS, as well as best practices for implementing an effective ISMS. It also}', 5='{type=string, value=This guide provides a comprehensive overview of Information Security Management Systems (ISMS), the structured set of policies, processes, and controls an organization uses to manage the risks that make information security, cybersecurity, and privacy protection necessary. It covers the fundamentals of an ISMS, including its components, the process of implementing one, and the requirements and standards associated with it, most notably ISO/IEC 27001. It also covers the main types of security threats, best practices for mitigating them, and why a robust ISMS matters. Finally, it offers practical advice on designing and implementing an effective ISMS and on maintaining it over time. With this guide, readers will gain a deeper understanding of how to protect their organizations from cyber threats and keep their data secure.}', 15='{type=list, value=[{id=97620570504, name='Information Security Management System (ISMS)'}]}'}], hs_path=statement-of-applicability-soa}--
{tableName=glossary, name=COBIT Framework, description=
COBIT (Control Objectives for Information and Related Technology) is an IT governance and management framework published by ISACA (the Information Systems Audit and Control Association), originally developed together with the IT Governance Institute (ITGI). It provides a structured set of governance and management objectives, processes, and good practices that organizations use to align IT with business objectives, manage IT-related risk, and demonstrate control over IT resources. The framework covers the full IT lifecycle, including planning, acquisition, implementation, operations, and monitoring, and it includes guidance on governance, risk management, and regulatory compliance. The current version is COBIT 2019, which superseded COBIT 5. COBIT is widely used by auditors and IT governance teams as a reference model for assessing and maturing IT controls, and it is commonly mapped to other frameworks such as ISO/IEC 27001 and the NIST Cybersecurity Framework., topic=null, hs_path=cobit-framework}--
{tableName=comparison, name=SOC 2 vs NIST CSF, description=A comparison of SOC 2 and the NIST Cybersecurity Framework (CSF). Learn the differences between the two frameworks and their security objectives., topic=[{id=97620570514, createdAt=1673040885366, updatedAt=1715624490265, path='soc-2', name='
SOC 2 Compliance: A Comprehensive Guide', 1='{type=string, value=SOC 2}', 2='{type=string, value= Compliance
SOC 2 Compliance Guide: Learn the basics of SOC 2 compliance and how to ensure your organization meets the necessary standards. Get expert advice and resources to help you understand and implement the necessary}', 5='{type=string, value=This comprehensive guide provides an in-depth look at SOC 2, the AICPA attestation framework used to assess a service organization's controls over the security, availability, processing integrity, confidentiality, and privacy of the systems it uses to process customer data. It is designed to help service organizations understand the requirements of SOC 2 and how to implement and maintain the controls needed to obtain a clean report. The guide covers the five Trust Services Criteria categories (security is always in scope; the other four are included based on the service commitments made to customers), the criteria an auditor evaluates under each, the difference between a Type I report (design of controls at a point in time) and a Type II report (operating effectiveness over a review period), and the process an organization goes through with a CPA firm to obtain the report. It also provides best practices for staying compliant between audits and advice on handling control exceptions and other non-compliance issues that may arise. With this guide, service organizations can better understand SOC 2 and use it to maintain the security and privacy of their customers' data.}', 15='{type=list, value=[{id=97620570514, name='SOC 2'}]}'}], hs_path=soc-2-vs-nist-cybersecurity-framework-csf}--
{tableName=glossary, name=Security Perimeter, description=
A security perimeter is the boundary that separates the assets an organization controls from the environment it does not trust, together with the controls placed on that boundary to prevent unauthorized access. In physical security the perimeter consists of fences, walls, gates, guards, surveillance, and access control systems; in network security it is the set of firewalls, gateways, VPN concentrators, and intrusion detection or prevention systems that mediate traffic between internal networks and the Internet. Authentication, authorization, and audit procedures govern who and what may cross the boundary. The perimeter is intended to block external threats such as attackers and malicious software, and to limit how far an insider with malicious intent can reach, but it offers no protection against a threat that is already inside it. For that reason a perimeter is one layer of a defense-in-depth strategy rather than the whole of it, and it must be monitored and reassessed as cloud services, remote work, and third-party connections move assets outside the traditional boundary., topic=null, hs_path=security-perimeter}--
{tableName=glossary, name=Association of International Certified Professional Accountants (AICPA), description=
The AICPA is the American Institute of Certified Public Accountants, the professional body for CPAs in the United States. In 2017 it joined with the Chartered Institute of Management Accountants (CIMA) to form the Association of International Certified Professional Accountants, which continues to operate under the AICPA and CIMA names. The AICPA sets the ethical, auditing, and attestation standards followed by CPA firms, develops the Uniform CPA Examination, and provides continuing professional education. It matters to security and compliance teams because it defines the SOC (System and Organization Controls) reporting framework: the attestation standards under which a CPA firm examines a service organization's controls, and the Trust Services Criteria (security, availability, processing integrity, confidentiality, and privacy) against which SOC 2 reports are issued. Because only a licensed CPA firm can issue a SOC report, the AICPA's standards determine what evidence a service organization must maintain. The AICPA also advocates for the profession and, in the public interest, for sound financial reporting and disclosure., topic=null, hs_path=association-of-international-certified-professional-accountants-aicpa}--
{tableName=glossary, name=Risk Identification (Ri), description=
Risk Identification (Ri) is the first step of the risk assessment process: finding, recognizing, and describing the risks that could affect an organization, project, or process before any attempt is made to rate them. It draws on both internal sources (asset inventories, architecture documentation, incident records, audit findings, interviews with process owners) and external sources (threat intelligence, vulnerability advisories, regulatory changes, supplier dependencies). For each risk the output records the asset or objective at stake, the threat or event that could affect it, the vulnerability or condition that makes the event possible, and the owner responsible for it, typically in a risk register. Estimating likelihood and consequence belongs to the risk analysis and evaluation steps that follow; identification deliberately aims for breadth so that no material risk is missed, because a risk that is never identified is never treated., topic=null, hs_path=risk-identification-ri}--