{tableName=glossary, name=ISO/IEC 27002 Scope, description=
ISO/IEC 27002 Scope is the scope of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27002 standard. This standard provides guidance on the selection, implementation, and management of information security controls to protect and secure information assets. The scope of ISO/IEC 27002 covers the management of information security in organizations, including the selection, implementation, and management of information security controls. It is intended to cover all areas of information security, including physical security, personnel security, access control, network security, system security, application security, and data security. The scope of ISO/IEC 27002 is not limited to any particular industry or sector, but is applicable to any organization that stores, processes, transmits, or uses information assets. The scope of ISO/IEC 27002 is also applicable to any organization that is responsible for the security of its own information assets, as well as those of its customers, suppliers, and other stakeholders., topic=null, hs_path=iso-iec-27002-scope}--
{tableName=glossary, name=Compliance Manager/Officer, description=
A Compliance Manager/Officer is a person who is responsible for ensuring that an organization is adhering to all applicable laws and regulations, as well as internal policies and procedures. They are responsible for developing, implementing and managing the organization's compliance program, which includes developing, communicating and enforcing the organization's policies and procedures, monitoring the organization's activities to ensure compliance, training staff on compliance issues, investigating and responding to compliance-related issues, and providing advice and guidance to management and staff on compliance matters. Compliance Managers/Officers also work with external organizations to ensure that the organization's activities are in line with applicable laws and regulations, and may be responsible for preparing and submitting reports to regulatory bodies., topic=null, hs_path=compliance-manager-officer}--
{tableName=glossary, name=NIST 800-53 Risk Assessment, description=
NIST 800-53 Risk Assessment is a comprehensive process used to identify, assess, and manage the security risks associated with the use, processing, storage, and transmission of information and information systems. It involves analyzing the security controls in place, evaluating the potential threats and vulnerabilities, and determining the appropriate risk mitigation strategies. This process is designed to ensure that the organization has the appropriate security controls in place to protect its information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The risk assessment should be conducted on a regular basis to ensure that the organization’s security posture is up to date and that any new threats or vulnerabilities have been identified and addressed. The NIST 800-53 Risk Assessment approach helps organizations to identify and address security risks in a timely and cost-effective manner., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1715624498921, path='nist-sp-800-53', name='
NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value=
This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}', 15='{type=list, value=[{id=97620570515, name='NIST SP 800-53'}]}'}], hs_path=nist-800-53-risk-assessment}--
{tableName=glossary, name=Hacker, description=
A hacker is an individual who uses their technical knowledge to gain unauthorized access to computer systems, networks, or other digital resources. They may use their skills to explore and manipulate a system, or to gain access to data or information that is not intended to be publicly available. Hackers are not necessarily malicious, and may use their technical knowledge to find vulnerabilities in systems and networks and report them to the appropriate authorities. Hackers may also use their skills to create beneficial applications and products, such as software and websites., topic=[{id=97620570512, createdAt=1673040885353, updatedAt=1715624422147, path='vulnerability-management', name='Vulnerability Management Guide: Learn to Protect Your Business', 1='{type=string, value=Vulnerability Management}', 2='{type=string, value=
Learn how to identify, assess, and manage security vulnerabilities in your organization with this comprehensive guide to Vulnerability Management. Get started now!}', 5='{type=string, value=This Vulnerability Management Guide provides an authoritative overview of the processes, strategies, and best practices for effectively managing vulnerabilities in an organization's IT systems. It explains the importance of vulnerability management and outlines the steps needed to build an effective vulnerability management program. It also covers the various tools and techniques used to identify, assess, and remediate vulnerabilities, as well as the importance of monitoring and reporting on the program's progress. Finally, the guide provides guidance on how to select the appropriate security solutions for an organization's needs. By following the advice in this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570512, name='Vulnerability Management'}]}'}], hs_path=hacker}--
{tableName=guides, name=Security Clearance, description=6clicks' comprehensive guide to security clearances in the United States, Australia, and the United Kingdom., topic=null, hs_path=security-clearance}--
{tableName=glossary, name=Prioritisation, description=
Prioritisation is the process of determining the order of importance or urgency of activities, tasks, and decisions. It involves assessing the relative worth of competing demands for attention and allocating resources accordingly. It is a key skill for effective time management, as it helps to ensure that the most important tasks are completed first, and that resources are allocated in the most efficient way. Prioritisation can also be used to help make decisions about which projects or initiatives should take precedence over others, and which tasks should be completed first., topic=null, hs_path=prioritisation}--