Cyber, critical infrastructure & AI standards — all in one place.

The latest standards, laws and regulations, with curated metadata, mapped controls and expert guidance from 6clicks. Built for GRC, compliance and security teams.

Browse by industry

Browse by sector. Each page shows relevant standards, laws, regulations, and frameworks.

Explore all industries

Content Library

Showing 12 of 12

CybersecurityStandard

Cyber Essentials Danzell Question Set — Cyber Essentials Question Set v3.3 (Danzell) April 2026

Cyber Essentials: Requirements for IT Infrastructure v3.3 Question Set is a structured self-assessment designed to help organizations evaluate their cyber security practices. It focuses on five key technical control areas—firewalls, secure configuration, user access control, malware protection, and patch management. By completing the question set, organizations can demonstrate compliance with baseline security standards and strengthen resilience against common cyber threats.

National Cyber Security Centre (NCSC) • v3.3

View details
CybersecurityStandard

ISO/IEC 27018:2025 — ISO/IEC 27018:2025 Information security, cybersecurity and privacy protection — Guidelines for protection of personally identifiable information (PII) in public clouds acting as PII processors

ISO/IEC 27018:2025 is the global standard for managing personally identifiable information (PII) in public cloud services. It provides cloud providers with a framework to ensure privacy, security, and compliance when processing customer data.

International Organization for Standardization (ISO) • v2025

View details
CybersecurityStandard

ISM CCM — Information Security Manual Cloud Controls Matrix Template

The Cloud Controls Matrix (CCM) Template is a comprehensive framework for mapping cloud security controls to industry standards and compliance requirements. It helps organizations assess, implement, and demonstrate effective cloud security practices across diverse environments.

Australian Government • Australia • vJune 2026

View details
CybersecurityRegulation

ISM SSP — Information Security Manual System Security Plan Annex Template

The System Security Plan (SSP) Annex Template is a structured document used to capture detailed information about an organization’s cyber security controls and implementation. It supports accreditation processes by providing evidence of compliance, risk management, and system-specific security measures.

Australian Government • Australia • vJune 2026

View details
CybersecurityRegulation

RFFR ISM SoA — Right Fit for Risk Information Security Manual Statement of Applicability

The Right Fit for Risk (RFFR) Statement of Applicability (SoA) is a structured template used to document how organizations meet cyber security accreditation requirements. It outlines applicable controls, their implementation status, and provides assurance of compliance with the RFFR framework.

Australian Government • Australia • vJune 2026

View details
CybersecurityRegulation

ISM — Information Security Manual

The Australian ISM is the nationally recognized cybersecurity framework developed by the Australian Signals Directorate. It provides organizations with structured guidance to safeguard information and operational technology systems against evolving cyber threats.

Australian Government • Australia • vJune 2026

View details
CybersecurityControl set

DCC-1:2022 — Data Cybersecurity Controls

The Data Cybersecurity Controls (DCC-1:2022) establish minimum cybersecurity requirements to protect data throughout its lifecycle. Issued by the Saudi National Cybersecurity Authority, the controls build on existing cybersecurity frameworks to enhance the Kingdom's overall cybersecurity maturity.

National Cybersecurity Authority (NCA) • Kingdom of Saudi Arabia • v1:2022

View details
GRCStandardControl set

ISO 9001 — ISO 9001:2015 Quality Management Systems — Requirements

ISO 9001:2015 is an international standard for quality management systems. It provides requirements for organizations to establish, implement, maintain, and continually improve a quality management system to enhance customer satisfaction and operational efficiency.

International Organization for Standardization (ISO) • v2015 (Edition 5)

View details
GRCStandardControl set

ISO 45001 — ISO 45001:2018 - Occupational Health and Safety Management Systems — Requirements with Guidance for Use

ISO 45001:2018 is an international standard that specifies requirements for an occupational health and safety (OH&S) management system. It helps organizations improve workplace safety, reduce risks, and enhance overall OH&S performance.

International Organization for Standardization (ISO) • v2018

View details
CybersecurityStandard

ITSP.10.171 — Protecting Specified Information in Non-Government of Canada Systems and Organizations

ITSP.10.171 sets out security requirements for protecting 'specified information' when it resides in non-Government of Canada systems or organizations. It aligns with NIST standards but adapts them to the Canadian regulatory environment.

Canadian Centre for Cyber Security • Canada • vFirst release

View details
AIStandard

AIUC-1 — AIUC-1

AIUC-1 is a standard focused on the security, safety, and reliability of AI agents used in enterprises. It addresses risks related to data privacy, security, accountability, and societal concerns while providing certification for compliant organizations.

Artificial Intelligence Underwriting Company (AIUC) • vApril 15, 2026

View details
CybersecurityGuideline

CPG 234 — CPG 234 Information Security

This standard provides information security guidance for Australian financial institutions regulated by APRA. It aims to ensure operational resilience and protect against information security threats.

Australian Prudential Regulation Authority (APRA) • Australia • vJune 2019

View details

Ready to manage these frameworks?

6clicks maps regulations to controls, evidence and risks — automatically.

Book your strategy call