Cyber, critical infrastructure & AI standards — all in one place.
The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.
Browse by industry
Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.
Explore all industriesContent Library
Showing 13 of 33
ADHICS — Abu Dhabi Healthcare Information and Cyber Security Standard
The AAMEN programme ensures that all healthcare facilities in Abu Dhabi comply with information security and data privacy standards to safeguard patient data. It incorporates the Abu Dhabi Healthcare Information and Cyber Security Standard (ADHICS) and aims to enhance cybersecurity governance, resilience, and innovation in the healthcare sector.
Department of Health Abu Dhabi • Abu Dhabi, United Arab Emirates • v2
CPS 231 — Prudential Standard CPS 231 Outsourcing
The Prudential Standard CPS 231 establishes requirements for outsourcing arrangements by financial institutions regulated by the Australian Prudential Regulation Authority (APRA). It aims to ensure that risks associated with outsourcing are effectively managed.
Australian Prudential Regulation Authority (APRA) • Australia
UAE IA V2 — UAE Information Assurance Standard Version 2
The UAE Information Assurance Standard Version 2 (UAE IA V2) is a national cybersecurity framework issued by the UAE Cyber Security Council in 2025. It builds upon the previous version with updated controls and integrations to address modern technologies, such as AI/ML, IoT, cloud, and post-quantum cryptography.
UAE Cyber Security Council • United Arab Emirates • v2.0
VPDSS 2.0 — Victorian Protective Data Security Standards V2.0
The Victorian Protective Data Security Standards (VPDSS) establish 12 high-level mandatory requirements for the protection of public sector information in Victoria, Australia. These requirements cover governance, information, personnel, ICT, and physical security, focusing on a risk-managed approach tailored to the Victorian government context.
Office of the Victorian Information Commissioner (OVIC) • Victoria, Australia • v2.0
AIUC-1 — AIUC-1
AIUC-1 is a standard focused on the security, safety, and reliability of AI agents used in enterprises. It addresses risks related to data privacy, security, accountability, and societal concerns while providing certification for compliant organizations.
Artificial Intelligence Underwriting Company (AIUC) • vApril 15, 2026
NIST SP 800-39 — NIST Special Publication 800-39 - Managing Information Security Risk: Organization, Mission, and Information System View
NIST SP 800-39 provides guidance for developing an organization-wide program to manage information security risk. It introduces a structured yet flexible framework for assessing, responding to, and monitoring risks associated with federal information systems.
National Institute of Standards and Technology (NIST) • United States
NIST SP 800-161 Rev. 1 — NIST Special Publication 800-161 Rev. 1 - Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations
This publication provides guidance on identifying, assessing, and mitigating cybersecurity risks throughout the supply chain. It integrates Cybersecurity Supply Chain Risk Management (C-SCRM) practices into organizational risk management processes.
National Institute of Standards and Technology (NIST) • United States • vRev. 1, Update 1
NIST CSF 2.0 — NIST Cybersecurity Framework 2.0
The NIST Cybersecurity Framework 2.0 is a comprehensive framework to help organizations manage and reduce cybersecurity risks. It provides guidelines, tools, and resources for improving cybersecurity practices across diverse sectors.
National Institute of Standards and Technology (NIST) • United States • v2.0
CPS 220 — Prudential Standard CPS 220 Risk Management
CPS 220 is a prudential standard issued by the Australian Prudential Regulation Authority (APRA) outlining risk management requirements for regulated entities. It establishes standards for institutions to identify, assess, and manage risks effectively to ensure financial stability and compliance.
Australian Prudential Regulation Authority (APRA) • Australia
CPS 230 — Prudential Standard CPS 230 Operational Risk Management
CPS 230 sets out requirements for APRA-regulated entities to effectively manage operational risks. It covers obligations on governance, risk frameworks, and risk controls to ensure resilience against operational disruptions.
Australian Prudential Regulation Authority (APRA) • Australia
RG 259 — RG 259 Risk management systems of fund operators
This regulatory guide provides specific guidance for Australian financial services (AFS) licensees that are responsible entities or corporate directors (fund operators) on how to comply with their obligation under s912A(1)(h) of the Corporations Act 2001 to maintain adequate risk management systems.
Australian Securities and Investments Commission (ASIC) • Australia
ISO/IEC 27001:2013 — ISO/IEC 27001:2013 - Information technology — Security techniques — Information security management systems — Requirements
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). It also includes guidelines for assessing and addressing information security risks in organizations.
ISO/IEC • Global • v2013
ISO/IEC 27001:2022 — ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection — Information security management systems — Requirements
ISO/IEC 27001:2022 is an international standard defining requirements for an information security management system (ISMS). It helps organizations establish, implement, maintain, and continually improve their information security processes to manage data-related risks.
ISO/IEC • Global • v2022
Ready to manage these frameworks?
6clicks maps regulations to controls, evidence and risks — automatically.