Cyber, critical infrastructure & AI standards — all in one place.

The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.

Browse by industry

Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.

Explore all industries

Content Library

Showing 12 of 12

CybersecurityStandard

ASD Essential 8 Maturity Model - 2023 — Australian Signals Directorate (ASD) Essential Eight Maturity Model 2023

The ASD Essential 8 Maturity Model is a framework developed by the Australian Signals Directorate (ASD) to guide organizations in implementing prioritized cyber security mitigation strategies. It provides structured maturity levels to help organizations progressively strengthen their defenses against common cyber threats. The model ensures consistency, accountability, and resilience by aligning practices across all eight strategies.

Australian Signals Directorate (ASD) • Australia • vNovember 2023

View details
CybersecurityStandard

ISM CCM — Information Security Manual Cloud Controls Matrix Template

The Cloud Controls Matrix (CCM) Template is a comprehensive framework for mapping cloud security controls to industry standards and compliance requirements. It helps organizations assess, implement, and demonstrate effective cloud security practices across diverse environments.

Australian Government • Australia • vJune 2026

View details
CybersecurityRegulation

ISM SSP — Information Security Manual System Security Plan Annex Template

The System Security Plan (SSP) Annex Template is a structured document used to capture detailed information about an organization’s cyber security controls and implementation. It supports accreditation processes by providing evidence of compliance, risk management, and system-specific security measures.

Australian Government • Australia • vJune 2026

View details
CybersecurityRegulation

RFFR ISM SoA — Right Fit for Risk Information Security Manual Statement of Applicability

The Right Fit for Risk (RFFR) Statement of Applicability (SoA) is a structured template used to document how organizations meet cyber security accreditation requirements. It outlines applicable controls, their implementation status, and provides assurance of compliance with the RFFR framework.

Australian Government • Australia • vJune 2026

View details
CybersecurityRegulation

ISM — Information Security Manual

The Australian ISM is the nationally recognized cybersecurity framework developed by the Australian Signals Directorate. It provides organizations with structured guidance to safeguard information and operational technology systems against evolving cyber threats.

Australian Government • Australia • vJune 2026

View details
CybersecurityGuideline

Guidelines on ICT and Security Risk Management

The EBA Guidelines establish requirements for credit institutions, investment firms, and payment service providers on mitigating and managing information and communication technology (ICT) risks. They aim to ensure a consistent and robust approach to ICT and security risk management across the EU financial sector.

European Banking Authority (EBA) • European Union • v2025 update

View details
CybersecurityGuideline

IS18 — Information and Cyber Security Policy (IS18)

The Information and Cyber Security Policy (IS18) is a policy framework established by the Queensland Government to enhance information security and organizational resilience. It mandates the implementation of ISO 27001-based ISMS, systematic risk management, and compliance with the Australian Signals Directorate's Essential Eight Strategies for all Queensland Government agencies.

Queensland Government • Queensland, Australia • v9.0.0

View details
CybersecurityFramework

FSSCP — The Financial Services Sector Cybersecurity Profile

The Financial Services Sector Cybersecurity Profile is a scalable and extensible assessment tool designed to help financial institutions manage cyber risks and demonstrate regulatory compliance. It is based on the NIST Cybersecurity Framework and offers a tailored approach to streamline cybersecurity assessments globally.

Financial Services Sector Coordinating Council (FSSCC) • Global

View details
CybersecurityStandard

SMB1001 — SMB1001 Cybersecurity Standard

The SMB1001 Cybersecurity Standard provides small and medium-sized businesses, including law firms, with a clear and achievable framework to enhance their cybersecurity defenses and demonstrate due diligence. It aims to help practitioners protect client confidentiality, reduce cyber risks, and meet stakeholder requirements.

Dynamic Standards International (DSI) • Australia • v2026

View details
CybersecurityFramework

AESCSF v2 Core — Australian Energy Sector Cyber Security Framework

The Australian Energy Sector Cyber Security Framework (AESCSF) provides a structured approach for managing cybersecurity risks specific to the energy sector. Version 2 introduces updates and refinements to address evolving threats and ensure resilience.

Australian Energy Market Operator (AEMO) • Australia • v2.0

View details
GRCStandard

CPS 232 — Prudential Standard CPS 232 Business Continuity Management

CPS 232 is an Australian Prudential Standard that outlines the requirements for regulated entities to maintain and manage effective business continuity plans. It ensures that entities are prepared to address and recover from disruptions to their operations.

Australian Prudential Regulation Authority (APRA) • Australia

View details
GRCStandard

CPS 230 — Prudential Standard CPS 230 Operational Risk Management

CPS 230 sets out requirements for APRA-regulated entities to effectively manage operational risks. It covers obligations on governance, risk frameworks, and risk controls to ensure resilience against operational disruptions.

Australian Prudential Regulation Authority (APRA) • Australia

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call