⚙️Live webinar: AI governance in controlled environments: The next compliance challenge. Register now
6clicks Marketplace

Cyber, critical infrastructure & AI standards — all in one place.

The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.

Book a strategy call

All content · 14 items

PrivacyLawIn 6clicks App

APPs — Australian Privacy Principles

The Australian Privacy Principles (APPs) are a set of 13 principles that form the privacy protection framework under the Privacy Act 1988. They govern how personal information is collected, used, disclosed, and managed by organizations and agencies subject to the Act.

Issuer
Office of the Australian Information Commissioner (OAIC)
Jurisdiction
Australia
View detailsprivacy · data protection
PrivacyLawIn 6clicks App

UAE Personal Data Protection Law — Federal Decree Law No. 45 of 2021 Regarding the Protection of Personal Data

The UAE Personal Data Protection Law establishes an integrated framework to ensure the confidentiality of information and protect individual privacy in the UAE. It governs the processing of personal data, defines the rights of data owners, sets requirements for cross-border data transfer, and outlines obligations for businesses handling personal data.

Issuer
UAE Data Office
Jurisdiction
United Arab Emirates
Version
20 Sep 2021
View detailsdata protection · privacy
PrivacyLawIn 6clicks App

Qatar PDPPL — Qatar Personal Data Privacy Protection Law (Law No. (13) of 2016)

The Qatar Personal Data Privacy Protection Law (PDPPL), formally Law No. 13 of 2016, is the primary data protection framework in Qatar. It governs how organizations collect, process, store, transfer, and secure personal data belonging to individuals in the country.

Issuer
Qatar National Cyber Security Agency (NCSA)
Jurisdiction
Qatar
View detailsdata protection · consent management
CybersecurityRegulationIn 6clicks App

Safe & Trusted Internet — Guidelines on Information Security Practices for Government Entities

The Safe & Trusted Internet Guidelines on Information Security Practices for Government Entities, issued by the Indian Computer Emergency Response Team (CERT-In), establish baseline cyber security controls and best practices to help government entities protect ICT infrastructure, systems, networks, and data against evolving cyber threats and strengthen India’s digital security posture.

Issuer
Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India
Jurisdiction
India
View detailsinformation security · CERT-In
CybersecurityStandardControl setIn 6clicks App

ISO/IEC 27001:2013 — ISO/IEC 27001:2013 - Information technology — Security techniques — Information security management systems — Requirements

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). It also includes guidelines for assessing and addressing information security risks in organizations.

Issuer
ISO/IEC
Jurisdiction
Global
Version
2013
View detailsinformation security · ISMS
CybersecurityControl setIn 6clicks App

DCC-1:2022 — Data Cybersecurity Controls

The Data Cybersecurity Controls (DCC-1:2022) establish minimum cybersecurity requirements to protect data throughout its lifecycle. Issued by the Saudi National Cybersecurity Authority, the controls build on existing cybersecurity frameworks to enhance the Kingdom's overall cybersecurity maturity.

Issuer
National Cybersecurity Authority (NCA)
Jurisdiction
Kingdom of Saudi Arabia
Version
1:2022
Updated
May 2025
View detailscybersecurity · controls
PrivacyLawIn 6clicks App

Privacy Act 1988 — Privacy Act 1988

The Privacy Act 1988 is an Australian law that regulates the handling of personal information by businesses, government agencies, and other entities. It includes provisions for the Australian Privacy Principles, credit reporting, and notification of data breaches.

Issuer
Australian Government
Jurisdiction
Australia
Version
No. 119, 1988
View detailsprivacy · data protection
PrivacyLawIn 6clicks App

Privacy and Data Protection Act 2014 — Privacy and Data Protection Act 2014 Version No. 032

The Privacy and Data Protection Act 2014 establishes a framework for protecting personal information and ensuring data security within the State of Victoria, Australia. It sets out responsibilities for Victorian public sector agencies regarding personal data handling and protections.

Issuer
Victorian Government
Jurisdiction
Victoria, Australia
Version
Version No. 032
Updated
May 2026
View detailsprivacy · data protection
CybersecurityStandardControl setIn 6clicks App

ISO/IEC 27001:2022 — ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection — Information security management systems — Requirements

ISO/IEC 27001:2022 is an international standard defining requirements for an information security management system (ISMS). It helps organizations establish, implement, maintain, and continually improve their information security processes to manage data-related risks.

Issuer
ISO/IEC
Jurisdiction
Global
Version
2022
View detailsinformation security · ISMS
CybersecurityStandardIn 6clicks App

SMB1001 — SMB1001 Cybersecurity Standard

The SMB1001 Cybersecurity Standard provides small and medium-sized businesses, including law firms, with a clear and achievable framework to enhance their cybersecurity defenses and demonstrate due diligence. It aims to help practitioners protect client confidentiality, reduce cyber risks, and meet stakeholder requirements.

Issuer
Dynamic Standards International (DSI)
Jurisdiction
Australia
Version
2026
Updated
Sep 2025
View detailscybersecurity · data protection
PrivacyRegulationIn 6clicks App

GDPR — General Data Protection Regulation

The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union to harmonize privacy regulations across member states. It governs the processing of personal data by organizations operating within the EU and those outside the EU that target EU residents.

Issuer
European Parliament and Council of the European Union
Jurisdiction
European Union
Updated
May 2018
View detailsdata protection · privacy
PrivacyRegulationIn 6clicks App

India - (DPDP) Rules — India - Digital Personal Data Protection (DPDP) Rules

The Digital Personal Data Protection Rules, 2025 operationalize India’s Digital Personal Data Protection Act, 2023 by establishing detailed requirements for the collection, processing, storage, and protection of digital personal data. The Rules define obligations for organizations handling personal data, including consent management, breach notifications, data retention, and protections for children and vulnerable individuals. They also establish governance mechanisms such as the Data Protection Board and provide a phased implementation timeline for compliance.

Issuer
Government of India
Version
2025
Updated
Jan 2025
View detailsprivacy · cybersecurity
CybersecurityStandardControl setIn 6clicks App

PCI DSS — PCI Data Security Standard (PCI DSS)

The PCI Data Security Standard (PCI DSS) is a global security standard designed to protect payment card account data. It establishes technical and operational security requirements for organizations that handle cardholder data.

Issuer
PCI Security Standards Council
Version
4.x
View detailspayment security · data protection
PrivacyLawIn 6clicks App

India - PDPD Act — India - Digital Personal Data Protection (PDPD) Act (Act No. 22 of 2023)

The Digital Personal Data Protection Act, 2023 (Act No. 22 of 2023) establishes India’s legal framework for processing digital personal data while balancing individuals’ privacy rights with lawful data use. The Act defines obligations for organizations handling personal data, grants rights and duties to individuals, and introduces requirements for consent, data protection, and breach accountability. It also establishes the Data Protection Board of India to oversee compliance, adjudication, and enforcement of penalties for violations.

Issuer
Government of India
Jurisdiction
India
Version
2023
Updated
Aug 2023
View detailsprivacy · cybersecurity
Industries

Looking for sector-specific guidance?

Each industry page bundles the standards that matter most for that sector, with expert commentary and links to the 6clicks platform.

Critical Infraustructure

Critical infrastructure spans the energy, water, transport, healthcare, and communications sectors whose disruption would impact national security, safety, and the economy.

See items

Defense

6clicks deploys inside classified and air-gapped environments, meets strict data handling requirements, and keeps your program audit-ready.

See items

Finance Sector

Pertains to banking, insurance, and financial services, focusing on regulatory compliance, risk management, and financial integrity.

See items

Government

See items
All industries

Ready to operationalize these standards?

The 6clicks platform maps these regulations to controls, evidence and risks — automatically.

Book a strategy call