Cyber, critical infrastructure & AI standards — all in one place.
The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.
Browse by industry
Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.
Explore all industriesContent Library
Showing 15 of 15
PRIS Act — Privacy and Responsible Information Sharing Act 2024
The Privacy and Responsible Information Sharing Act 2024 (PRIS Act) establishes a privacy framework for the Western Australian public sector. It introduces Information Privacy Principles (IPPs) and provisions for privacy complaints, privacy impact assessments, and a notifiable information breach scheme.
Government of Western Australia • Western Australia
NIST SP 800-53 Rev. 5.2 — Security and Privacy Controls for Information Systems and Organizations
NIST Special Publication 800-53 Rev. 5 provides a comprehensive catalog of security and privacy controls designed to safeguard organizational operations, assets, and individuals from a broad spectrum of risks including cyberattacks, human mistakes, and natural disasters. It is widely used for implementing security measures as part of risk management frameworks.
NIST (National Institute of Standards and Technology) • United States • v5.2.0
India - (DPDP) Rules — India - Digital Personal Data Protection (DPDP) Rules
The Digital Personal Data Protection Rules, 2025 operationalize India’s Digital Personal Data Protection Act, 2023 by establishing detailed requirements for the collection, processing, storage, and protection of digital personal data. The Rules define obligations for organizations handling personal data, including consent management, breach notifications, data retention, and protections for children and vulnerable individuals. They also establish governance mechanisms such as the Data Protection Board and provide a phased implementation timeline for compliance.
Government of India • India • v2025
India - PDPD Act — India - Digital Personal Data Protection (PDPD) Act (Act No. 22 of 2023)
The Digital Personal Data Protection Act, 2023 (Act No. 22 of 2023) establishes India’s legal framework for processing digital personal data while balancing individuals’ privacy rights with lawful data use. The Act defines obligations for organizations handling personal data, grants rights and duties to individuals, and introduces requirements for consent, data protection, and breach accountability. It also establishes the Data Protection Board of India to oversee compliance, adjudication, and enforcement of penalties for violations.
Government of India • India • v2023
Privacy Act
The Privacy Act of Canada governs the collection, use, retention, and disclosure of personal information by federal government institutions. It ensures that individuals have the right to access and correct their personal information held by the government.
Government of Canada • Canada
UAE Personal Data Protection Law — Federal Decree Law No. 45 of 2021 Regarding the Protection of Personal Data
The UAE Personal Data Protection Law establishes an integrated framework to ensure the confidentiality of information and protect individual privacy in the UAE. It governs the processing of personal data, defines the rights of data owners, sets requirements for cross-border data transfer, and outlines obligations for businesses handling personal data.
UAE Data Office • United Arab Emirates • v20 Sep 2021
Qatar PDPPL — Qatar Personal Data Privacy Protection Law (Law No. (13) of 2016)
The Qatar Personal Data Privacy Protection Law (PDPPL), formally Law No. 13 of 2016, is the primary data protection framework in Qatar. It governs how organizations collect, process, store, transfer, and secure personal data belonging to individuals in the country.
Qatar National Cyber Security Agency (NCSA) • Qatar
Privacy and Data Protection Act 2014 — Privacy and Data Protection Act 2014 Version No. 032
The Privacy and Data Protection Act 2014 establishes a framework for protecting personal information and ensuring data security within the State of Victoria, Australia. It sets out responsibilities for Victorian public sector agencies regarding personal data handling and protections.
Victorian Government • Victoria, Australia • version No. 032
Consumer Data Right — Competition and Consumer (Consumer Data Right) Rules 2021
The Competition and Consumer (Consumer Data Right) Rules 2021 outline regulations for implementing Australia's Consumer Data Right (CDR) framework. They establish rules for data sharing, privacy safeguards, accreditation of data recipients, and dispute resolution processes.
Department of the Treasury • Australia
CDR Designation 2019 — Consumer Data Right (Authorised Deposit Taking Institutions) Designation 2019
This legislative instrument designates the banking sector in Australia as subject to the Consumer Data Right (CDR). It specifies which classes of information are included or excluded under the CDR framework.
Australian Government • Australia • v14 July 2023
CDR Energy Sector Designation 2020 — Consumer Data Right (Energy Sector) Designation 2020
This legislative instrument designates the Australian energy sector under the Consumer Data Right (CDR) framework. It specifies the types of data, entities, and arrangements covered by CDR for energy consumers.
Australian Government • Australia • v26 June 2020
PIPEDA — Personal Information Protection and Electronic Documents Act
The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that sets rules for the collection, use, and disclosure of personal information in the course of commercial activities. It aims to balance individuals' privacy rights with industry needs for personal data use.
Government of Canada • Canada
GDPR — General Data Protection Regulation
The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union to harmonize privacy regulations across member states. It governs the processing of personal data by organizations operating within the EU and those outside the EU that target EU residents.
European Parliament and Council of the European Union • European Union
APPs — Australian Privacy Principles
The Australian Privacy Principles (APPs) are a set of 13 principles that form the privacy protection framework under the Privacy Act 1988. They govern how personal information is collected, used, disclosed, and managed by organizations and agencies subject to the Act.
Office of the Australian Information Commissioner (OAIC) • Australia
Privacy Act 1988 — Privacy Act 1988
The Privacy Act 1988 is an Australian law that regulates the handling of personal information by businesses, government agencies, and other entities. It includes provisions for the Australian Privacy Principles, credit reporting, and notification of data breaches.
Australian Government • Australia • vNo. 119, 1988
Ready to manage these frameworks?
6clicks maps regulations to controls, evidence and risks — automatically.