Contents
It seems as though cyber security compliance requirements are never-ending.
Rightly so - there is an increasing amount at stake. At 6clicks, our mission is to make it easier for businesses and advisors to get on top of these obligations.
Late last year, we released 6clicks Pixel Perfect. As the name suggests, it is designed to support pixel-perfect style reporting associated with an audit or assessment.
The first cab of the rank for this has been PCI DSS ROC reporting - for those PCI QSA's, you will be aware of the very precise reporting requirements, particularly section 6, that we've now automated for you.
.png?width=2245&name=PCI%20DSS%20Product%20Images%20(4).png)
Using the same 6clicks Pixel Perfect engine, we have released the following to our 6clicks library of content:
- ISO/IEC 27001:2013 Annex A Statement of Applicability template;
- ISM September 2021 SSP Annex template; and
- ASD Cloud Security Control Matrix September 2021 template.
ISO/IEC 27001:2013 Annex A Statement of Applicability Template
This is a requirement-based assessment with predefined fields to suit an ISO/IEC 27001 Statement of Applicability (SoA).
All 114 ISO/IEC 27001 Annex A controls are available in this template, along with predefined fields to complete.
The predefined fields are:
- Applicability (yes/no);
- Justification (long text response);
- Compliant (yes/no);
- Documentation reference (short text response); and
- Implementation notes (long text response).
ISM September 2021 SSP Annex Template
This is a requirement-based assessment with predefined fields to suit an ISM System Security Plan (SSP) Annex.
All controls from the ISM September 2021 release are available in this template, along with predefined fields to complete.
The predefined fields are:
- Applicability (yes/no);
- Justification (long text response);
- Compliant (yes/no);
- Documentation reference (short text response); and
- Implementation notes (long text response).
You can download the ISM requirement-based assessment template and use it as is.
Or you can modify it as you see fit.
ASD Cloud Security Control Matrix September 2021 Template
This is a requirement-based assessment with predefined fields to suit an ASD Cloud Security Control Matrix Assessment.
All controls from the ISM September 2021 release are available in this template, along with predefined fields to complete.
The predefined fields are:
- Outsourcer: Implementation Status (Dropdown)
- Outsourcer: Implementation Comments (Long Text Response)
- System: Implementation Status (Dropdown)
- System: Implementation Comments (Long Text Response)
- Consumer Implementation Responsibility (Dropdown)
- Consumer Implementation Guidance (Long Text Response)
All of these are available for advisors to use with their clients or for businesses directly. And of course, if you need to modify it to suit your requirements, that is easy too.
Conclusion
If you want to know how these ISO 27001 controls may relate to those in other frameworks like the NIST Cyber Security Framework or others, you can always get that from Hailey.
If you would like more details on how ISO 27001 will benefit your organization, then contact 6clicks today. Here's how 6clicks automates your ISO 27001 compliance automation, quickly.
How about a whistle-stop tour with one of our 6clicks maestros? Easy, just click the button below and let the good times roll.
All we want to do, every day, is make the world of GRC easier to manage. We can't do that without you, so we hope to hear from you real soon!
