Cyber, critical infrastructure & AI standards — all in one place.

The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.

Browse by industry

Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.

Explore all industries

Content Library

Showing 11 of 11

CybersecurityStandardFramework

CAIQ v4.1.0 — Consensus Assessment Initiative Questionnaire v4.1.0

The Consensus Assessments Initiative Questionnaire (CAIQ) v4.1.0 is a comprehensive cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate the security, privacy, and compliance practices of cloud service providers. It includes 261 assessment questions mapped to 207 controls across 17 security domains, supporting detailed vendor due diligence, third-party risk management, and cloud security assessments using a standardized industry framework.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityStandard

CAIQ Lite v4.1.0 — Consensus Assessments Initiative Questionnaire Lite v4.1.0

Consensus Assessments Initiative Questionnaire (CAIQ) Lite v4.1.0 is a streamlined cloud security assessment questionnaire developed by the Cloud Security Alliance (CSA) and aligned with the Cloud Controls Matrix (CCM) v4.1 to help organizations evaluate cloud service providers using a standardized approach. It includes 138 focused questions across 17 security domains, enabling efficient vendor due diligence, third-party risk management, and security posture assessments.

Cloud Security Alliance (CSA) • v4.1.0

View details
CybersecurityFrameworkStandard

CCM v4.1 — Cloud Controls Matrix v4.1

The Cloud Controls Matrix (CCM) v4.1 is a cybersecurity control framework that consists of 207 controls across 17 security domains, specifically tailored for cloud security and privacy. The Consensus Assessment Initiative Questionnaire (CAIQ) accompanies the CCM, offering a set of assessment questions to evaluate security controls.

Cloud Security Alliance (CSA) • v4.1

View details
CybersecurityStandard

Cyber Essentials v3.3 — Cyber Essentials: Requirements for IT Infrastructure

Cyber Essentials v3.3 is a UK government-backed cybersecurity scheme defining baseline security measures for businesses. The update, effective from 26th April 2026, refines requirements to close ambiguities and enforce stricter compliance on cloud services, MFA, and endpoint protection.

NCSC (National Cyber Security Centre) • United Kingdom • v3.3

View details
CybersecurityStandard

ISO/IEC 27018:2025 — ISO/IEC 27018:2025 Information security, cybersecurity and privacy protection — Guidelines for protection of personally identifiable information (PII) in public clouds acting as PII processors

ISO/IEC 27018:2025 is the global standard for managing personally identifiable information (PII) in public cloud services. It provides cloud providers with a framework to ensure privacy, security, and compliance when processing customer data.

International Organization for Standardization (ISO) • v2025

View details
CybersecurityStandard

ISM CCM — Information Security Manual Cloud Controls Matrix Template

The Cloud Controls Matrix (CCM) Template is a comprehensive framework for mapping cloud security controls to industry standards and compliance requirements. It helps organizations assess, implement, and demonstrate effective cloud security practices across diverse environments.

Australian Government • Australia • vJune 2026

View details
CybersecurityControl set

CIS Controls v8.1 — CIS Critical Security Controls Version 8.1

The CIS Critical Security Controls Version 8.1 is a prioritized set of cybersecurity best practices designed to defend against common cyber threats to systems and networks. It includes updates to align with evolving industry standards and frameworks, such as NIST CSF 2.0.

Center for Internet Security (CIS) • v8.1

View details
CybersecurityStandardFramework

CCM v4.0 — Cloud Controls Matrix v4.0

The Cloud Controls Matrix (CCM) v4 is a meta-framework of cloud-specific security controls designed to provide clarity and structure for information security in cloud computing environments. It includes mappings to leading standards, best practices, and regulations.

Cloud Security Alliance (CSA) • v4.0

View details
CybersecurityFramework

CSA IoT Controls — CSA IoT Security Controls Framework

The CSA IoT Security Controls Framework provides essential security controls to mitigate risks in IoT systems that include various connected devices, cloud services, and networks. It is designed to apply to a range of IoT systems, from handling low-value data to supporting critical services.

Cloud Security Alliance (CSA) • v2

View details
CybersecurityStandard

Cyber Essentials Mark — CSA Cybersecurity Certification: Cyber Essentials Mark

The Cyber Essentials (2025) certification is a cybersecurity certification scheme developed by the Cyber Security Agency (CSA) of Singapore. It provides a framework for organisations to enhance their cybersecurity posture, covering areas like classical cybersecurity, cloud security, OT security, and AI security.

Cyber Security Agency of Singapore (CSA) • Singapore • v 04-2025 (Second edition)

View details
GRCRegulation

EU Data Act — Regulation on harmonised rules on fair access to and use of data (Data Act)

The Data Act is an EU regulation that aims to establish fair rules for access to and use of data generated by connected devices. It promotes data sharing, safeguards user rights, and prevents unfair practices while supporting innovation and the data economy.

European Commission • European Union • v(EU) 2023/2854

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call