Cyber, critical infrastructure & AI standards — all in one place.
The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.
Browse by industry
Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.
Explore all industriesContent Library
Showing 6 of 6
ISM SSP — Information Security Manual System Security Plan Annex Template
The System Security Plan (SSP) Annex Template is a structured document used to capture detailed information about an organization’s cyber security controls and implementation. It supports accreditation processes by providing evidence of compliance, risk management, and system-specific security measures.
Australian Government • Australia • vJune 2026
RFFR ISM SoA — Right Fit for Risk Information Security Manual Statement of Applicability
The Right Fit for Risk (RFFR) Statement of Applicability (SoA) is a structured template used to document how organizations meet cyber security accreditation requirements. It outlines applicable controls, their implementation status, and provides assurance of compliance with the RFFR framework.
Australian Government • Australia • vJune 2026
ISM — Information Security Manual
The Australian ISM is the nationally recognized cybersecurity framework developed by the Australian Signals Directorate. It provides organizations with structured guidance to safeguard information and operational technology systems against evolving cyber threats.
Australian Government • Australia • vJune 2026
SOCIA 2018 — Security of Critical Infrastructure Act 2018
The Security of Critical Infrastructure Act 2018 (SOCIA) establishes a regulatory framework for managing national security risks to Australia’s critical infrastructure sectors. It introduces statutory obligations, reporting requirements, and oversight mechanisms for critical assets.
Australian Department of Home Affairs • Australia • vNo. 29, 2018
C2M2 — Cybersecurity Capability Maturity Model
The Cybersecurity Capability Maturity Model (C2M2) is a tool developed by the U.S. Department of Energy to help organizations evaluate and enhance their cybersecurity capabilities. It focuses on both IT and OT environments, offering a structured framework of over 350 practices organized into 10 domains.
U.S. Department of Energy • United States • v2.1
UAE IA V2 — UAE Information Assurance Standard Version 2
The UAE Information Assurance Standard Version 2 (UAE IA V2) is a national cybersecurity framework issued by the UAE Cyber Security Council in 2025. It builds upon the previous version with updated controls and integrations to address modern technologies, such as AI/ML, IoT, cloud, and post-quantum cryptography.
UAE Cyber Security Council • United Arab Emirates • v2.0
Ready to manage these frameworks?
6clicks maps regulations to controls, evidence and risks — automatically.