Cyber, critical infrastructure & AI standards — all in one place.

The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.

Browse by industry

Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.

Explore all industries

Content Library

Showing 8 of 8

CybersecurityFrameworkStandard

CCM v4.1 — Cloud Controls Matrix v4.1

The Cloud Controls Matrix (CCM) v4.1 is a cybersecurity control framework that consists of 207 controls across 17 security domains, specifically tailored for cloud security and privacy. The Consensus Assessment Initiative Questionnaire (CAIQ) accompanies the CCM, offering a set of assessment questions to evaluate security controls.

Cloud Security Alliance (CSA) • v4.1

View details
CybersecurityStandard

SOC-CMM — SOC-CMM Assessment Tool

The SOC-CMM model is a capability maturity model that can be used to perform a self-assessment of your Security Operations Center (SOC). The model is based on review conducted on literature regarding SOC setup and existing SOC models as well as literature on specific elements within a SOC. The literature analysis was then validated by questioning several Security Operations Centers in different sectors and on different maturity levels to determine which elements were actually in place. The output from the survey, combined with the initial analysis is the basis for this self-assessment. For more information regarding the scientific background and the literature used to create the SOC-CMM self-assessment tool, please refer to the thesis document as available through: https://www.soc-cmm.com/

SOC-CMM

View details
CybersecurityStandard

Cyber Essentials Danzell Question Set — Cyber Essentials Question Set v3.3 (Danzell) April 2026

Cyber Essentials: Requirements for IT Infrastructure v3.3 Question Set is a structured self-assessment designed to help organizations evaluate their cyber security practices. It focuses on five key technical control areas—firewalls, secure configuration, user access control, malware protection, and patch management. By completing the question set, organizations can demonstrate compliance with baseline security standards and strengthen resilience against common cyber threats.

National Cyber Security Centre (NCSC) • v3.3

View details
GRCLaw

AML/CTF Act — Anti-Money Laundering and Counter-Terrorism Financing Act 2006

This is an Australian law established to prevent money laundering and financing of terrorism. It imposes obligations on certain entities to implement anti-money laundering and counter-terrorism financing measures, including customer due diligence, reporting, and record-keeping.

Australian Government • Australia • vCompilation No. 60, 31 March 2026

View details
CybersecurityFramework

CMMC — Cybersecurity Maturity Model Certification

The Cybersecurity Maturity Model Certification (CMMC) Assessment Guide defines how organizations are evaluated for compliance with cybersecurity requirements when working with the U.S. Department of Defense. It outlines assessment methods, evidence expectations, and control validation aligned with standards like NIST SP 800-171. The guide ensures consistent and rigorous verification of an organization’s ability to protect sensitive information.

US Government • United States • v2.13

View details
CybersecurityFramework

FSSCP — The Financial Services Sector Cybersecurity Profile

The Financial Services Sector Cybersecurity Profile is a scalable and extensible assessment tool designed to help financial institutions manage cyber risks and demonstrate regulatory compliance. It is based on the NIST Cybersecurity Framework and offers a tailored approach to streamline cybersecurity assessments globally.

Financial Services Sector Coordinating Council (FSSCC) • Global

View details
CybersecurityGuideline

NIST SP 800-171A Rev. 3 — NIST Special Publication 800-171A Rev. 3 - Assessing Security Requirements for Controlled Unclassified Information

This publication provides a methodology and assessment procedures for evaluating security requirements associated with the protection of Controlled Unclassified Information (CUI). It supports compliance with NIST SP 800-171 in nonfederal systems and organizations.

National Institute of Standards and Technology (NIST) • United States • vRevision 3

View details
CybersecurityGuideline

NIST SP 800-161 Rev. 1 — NIST Special Publication 800-161 Rev. 1 - Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

This publication provides guidance on identifying, assessing, and mitigating cybersecurity risks throughout the supply chain. It integrates Cybersecurity Supply Chain Risk Management (C-SCRM) practices into organizational risk management processes.

National Institute of Standards and Technology (NIST) • United States • vRev. 1, Update 1

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call