Cyber, critical infrastructure & AI standards — all in one place.
The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.
Browse by industry
Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.
Explore all industriesContent Library
Showing 7 of 7
Guidelines on ICT and Security Risk Management
The EBA Guidelines establish requirements for credit institutions, investment firms, and payment service providers on mitigating and managing information and communication technology (ICT) risks. They aim to ensure a consistent and robust approach to ICT and security risk management across the EU financial sector.
European Banking Authority (EBA) • European Union • v2025 update
IS18 — Information and Cyber Security Policy (IS18)
The Information and Cyber Security Policy (IS18) is a policy framework established by the Queensland Government to enhance information security and organizational resilience. It mandates the implementation of ISO 27001-based ISMS, systematic risk management, and compliance with the Australian Signals Directorate's Essential Eight Strategies for all Queensland Government agencies.
Queensland Government • Queensland, Australia • v9.0.0
FSSCP — The Financial Services Sector Cybersecurity Profile
The Financial Services Sector Cybersecurity Profile is a scalable and extensible assessment tool designed to help financial institutions manage cyber risks and demonstrate regulatory compliance. It is based on the NIST Cybersecurity Framework and offers a tailored approach to streamline cybersecurity assessments globally.
Financial Services Sector Coordinating Council (FSSCC) • Global
SMB1001 — SMB1001 Cybersecurity Standard
The SMB1001 Cybersecurity Standard provides small and medium-sized businesses, including law firms, with a clear and achievable framework to enhance their cybersecurity defenses and demonstrate due diligence. It aims to help practitioners protect client confidentiality, reduce cyber risks, and meet stakeholder requirements.
Dynamic Standards International (DSI) • Australia • v2026
AESCSF v2 Core — Australian Energy Sector Cyber Security Framework
The Australian Energy Sector Cyber Security Framework (AESCSF) provides a structured approach for managing cybersecurity risks specific to the energy sector. Version 2 introduces updates and refinements to address evolving threats and ensure resilience.
Australian Energy Market Operator (AEMO) • Australia • v2.0
CPS 232 — Prudential Standard CPS 232 Business Continuity Management
CPS 232 is an Australian Prudential Standard that outlines the requirements for regulated entities to maintain and manage effective business continuity plans. It ensures that entities are prepared to address and recover from disruptions to their operations.
Australian Prudential Regulation Authority (APRA) • Australia
CPS 230 — Prudential Standard CPS 230 Operational Risk Management
CPS 230 sets out requirements for APRA-regulated entities to effectively manage operational risks. It covers obligations on governance, risk frameworks, and risk controls to ensure resilience against operational disruptions.
Australian Prudential Regulation Authority (APRA) • Australia
Ready to operationalize these standards?
6clicks maps regulations to controls, evidence and risks automatically.