Cyber, critical infrastructure & AI standards — all in one place.
The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.
Browse by industry
Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.
Explore all industriesContent Library
Showing 11 of 51
NIST CSF 2.0 — NIST Cybersecurity Framework 2.0
The NIST Cybersecurity Framework 2.0 is a comprehensive framework to help organizations manage and reduce cybersecurity risks. It provides guidelines, tools, and resources for improving cybersecurity practices across diverse sectors.
National Institute of Standards and Technology (NIST) • United States • v2.0
CPG 234 — CPG 234 Information Security
This standard provides information security guidance for Australian financial institutions regulated by APRA. It aims to ensure operational resilience and protect against information security threats.
Australian Prudential Regulation Authority (APRA) • Australia • vJune 2019
CPG 235 — Prudential Practice Guide CPG 235 - Managing Data Risk
The Prudential Practice Guide CPG 235 provides guidance for Australian financial institutions on how to effectively manage data risk. It focuses on identifying, assessing, and mitigating risks associated with data to ensure its integrity, availability, and confidentiality.
Australian Prudential Regulation Authority (APRA) • Australia
CPS 220 — Prudential Standard CPS 220 Risk Management
CPS 220 is a prudential standard issued by the Australian Prudential Regulation Authority (APRA) outlining risk management requirements for regulated entities. It establishes standards for institutions to identify, assess, and manage risks effectively to ensure financial stability and compliance.
Australian Prudential Regulation Authority (APRA) • Australia
CPS 226 — Prudential Standard CPS 226: Margining and Risk Mitigation for Non-centrally Cleared Derivatives
This is an Australian standard issued by APRA outlining the requirements for margining and risk mitigation of non-centrally cleared derivatives. It ensures financial institutions operate with adequate practices to manage counterparty risk.
Australian Prudential Regulation Authority (APRA) • Australia
CPS 232 — Prudential Standard CPS 232 Business Continuity Management
CPS 232 is an Australian Prudential Standard that outlines the requirements for regulated entities to maintain and manage effective business continuity plans. It ensures that entities are prepared to address and recover from disruptions to their operations.
Australian Prudential Regulation Authority (APRA) • Australia
CPS 230 — Prudential Standard CPS 230 Operational Risk Management
CPS 230 sets out requirements for APRA-regulated entities to effectively manage operational risks. It covers obligations on governance, risk frameworks, and risk controls to ensure resilience against operational disruptions.
Australian Prudential Regulation Authority (APRA) • Australia
CPS 510 — Prudential Standard CPS 510 Governance
This is a prudential standard issued by the Australian Prudential Regulation Authority (APRA) to provide requirements for governance of regulated entities. It focuses on promoting sound corporate governance practices.
Australian Prudential Regulation Authority (APRA) • Australia
RG 259 — RG 259 Risk management systems of fund operators
This regulatory guide provides specific guidance for Australian financial services (AFS) licensees that are responsible entities or corporate directors (fund operators) on how to comply with their obligation under s912A(1)(h) of the Corporations Act 2001 to maintain adequate risk management systems.
Australian Securities and Investments Commission (ASIC) • Australia
ISO/IEC 27001:2013 — ISO/IEC 27001:2013 - Information technology — Security techniques — Information security management systems — Requirements
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). It also includes guidelines for assessing and addressing information security risks in organizations.
ISO/IEC • Global • v2013
ISO/IEC 27001:2022 — ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection — Information security management systems — Requirements
ISO/IEC 27001:2022 is an international standard defining requirements for an information security management system (ISMS). It helps organizations establish, implement, maintain, and continually improve their information security processes to manage data-related risks.
ISO/IEC • Global • v2022
Ready to manage these frameworks?
6clicks maps regulations to controls, evidence and risks — automatically.