We've introduced a way to define assessment's scope by using assessment description field and data linking. This enhancement ensures risk and compliance teams can capture comprehensive assessment scope with supporting data alignment from the very beginning of their assessment process.

This capability is available in both 'Question based' and 'Requirement based' assessments.

User interface changes

1. Assessment overview tab simplified and now accessible through a dedicated button

2. A new Linked data tab to manage all the content linked to an assessment

Data linking and reporting

1. Linked data tab enables the linkage of relevant datasets including:

   1. Authorities (standards and frameworks)

   2. Assets

   3. Any register item

2. Template reporting support

   1. New placeholders are available via the template reporting (Reports tab) to induce this data into your reports

      1. Assessment description, and

      2. Assessment linked data

Learn more

• Question based assessment: Knowledge base article

• Requirement based assessment: Knowledge base article

• Template reporting: Overview data

The Developer API has been expanded with additional endpoints for:

• Retrieving user roles

• Retrieving risk access members and custom fields

• Retrieving custom register item and issue & incident owners

• Retrieving Project and Playbook archived status

An updated PowerBI connector supporting these changes will be available later this week.

We've significantly enhanced the response page center grid to give you greater control over your assessment view. This update delivers improved flexibility, performance, and configuration options to streamline your response collection process.

🔧 Flexible column display

Take full control of your data view by selecting exactly which fields to display:

• Requirement details: Choose from Description, and all other provision fields

• Assessment fields: Display any assessment-related data columns

📐 Customizable layout

Tailor the grid layout to match your needs:

• Adjustable column widths: Resize columns to optimize your viewing experience

• Column positioning: Arrange columns in your preferred order

• Word wrap: Text wrapping is enabled for better readability of longer content

• Personal preference: Your grid configuration is automatically saved and preserved for future sessions

⚡ Performance boost

Experience smoother, faster navigation:

• Enhanced loading: Quicker page transitions when working with requirements

• Optimized rendering: Improved grid performance for large datasets

Learn more on responding to a requirement based assessment.

What's Next?

We're continuing to enhance assessment capabilities with more efficiency improvements and streamlined workflows. Stay tuned for additional updates designed to make your compliance work even more productive.

General performance and stability uplift in compliance mapping.

🚀 Performance Enhancements

• Dramatic speed improvement: Reduced compliance mapping execution time from 2 hours to under 2 minutes (98% reduction)

• Optimised data processing algorithms for faster rule evaluation

• Implemented parallel processing for concurrent compliance checks

• Added intelligent caching for frequently accessed compliance rules

🛡️ Stability Improvements

• Significantly reduced crashes: Enhanced error handling and memory management

• Replaced legacy embeddings system that caused application instability during large mapping operations

🔧 Technical Improvements

• Refactored core mapping engine for better resource utilisation

📊 Impact

• Processing time: 2 hours → < 2 minutes

• User experience: Seamless, near real-time compliance mappings

📎Projects & playbooks

We’ve just launched a major upgrade to the projects & playbooks module that makes creating, scoping, planning, and actioning projects, playbooks, and audits easier than ever:

• Fresh new look and faster template creation

• Link GRC data—assessments, risks, issues, register items, third parties & more—to tasks

• Ideal for structured execution across audits, client projects, compliance initiatives, risk programs, and more

Check out the knowledge base articles here.

Rollout times (UTC):

• UAE – 02:00

• UK & US – 04:00

• AU – 08:00

• JP & SG – 10:00

🔎Other updates

• Performance improvements across Assessment module

We've rolled out several enhancements to improve task management, data visibility, and admin control.

• Task assignment

  • Assignee list now filters by linked third-party. Third-party selector is only shown if two or more third-parties are linked to the item.

  • When removing a linked third-party (with assigned tasks), a confirmation dialog appears explaining the impact.

    • Upon confirmation, all related tasks and assignees are automatically cleared.

• Table grid word wrapping

  • Long text now wraps up to 3 lines before truncating with a tooltip.

• Sorted custom data cards

  • Cards in Admin > Custom data are now shown in alphanumeric order.

• Granular tag permissions

  • Admins can allow tag creation in Custom data only; users without record-level tag permissions cannot add new tags.

We’ve been busy making improvements across the platform, and we’re excited to share what’s new! Here’s a roundup of the latest updates across different modules.

📝Question based assessments (QBA) accuracy and UX enhancements

We've introduced a major upgrade to assessments in 6clicks, now powered by enhanced Hailey AI. With a smarter interface and more flexible response options, it's now easier and faster to complete even document-heavy or repetitive assessments.

• UX enhancements

  • Redesigned assessment interface with clearer content hierarchy and streamlined navigation

  • Upload supporting documents directly into the assessment flow to reduce manual effort

  • Visual indicators show question type, domain, suggested responses, and attachments at a glance

  • Choose between using past responses or uploaded documentation

  • Tags and labels clearly show which answers are AI-generated vs. user-edited

  • Edit or override Hailey's responses at any time for full control

• Accuracy

  • Hailey AI now analyzes uploaded documents to generate precise, context-aware responses across the full assessment

  • Reduces repetitive, question-by-question input while maintaining alignment with up-to-date organizational data

  • Enhances audit and assessment speed without compromising on oversight or accuracy

  • Blends AI automation with human review for trustworthy, scalable GRC operations

🔁New ‘Entry requirements’ in Risk workflows

• Admins can now define entry requirements for each stage in a risk workflow.

• These conditions are validated before entering a workflow stage — ideal for enforcing rules on stage changes.

• Complements existing exit requirements, enabling controlled backward movement in workflows.

  • We’ve updated the name of existing stage requirements to ‘Exit requirements,’ as they are validated before moving out of a workflow stage.

• Read more: Risk workflow stage requirements

👥Automated task reassignment for deleted users

• Admins can now configure a default user/advisor to automatically receive all open tasks when a team member is deleted.

• This reassignment user is automatically preselected during the task reassignment flow.

• Applies to both users and advisors, and includes all active team members in the selection list.

• Read more: Deleting users & bulk reassigning tasks

📊Reporting & Analytics

• We've launched the Risk dashboard for Hub teams

• Introduced self-service views for the Projects & Playbooks module, which is now available together with corresponding dashboards at both Hub and Spoke levels.

• 

🛠 Performance Improvements

• We've made performance improvements to QBA history, resulting in faster load times. Additionally improved the editing process of the risk matrix in the Hub.

Redesigned the risk assessment experience with an improved workflow, enhanced form field inputs, clearer explanations of assessment logic, and expanded page layout for better usability.

We’re excited to share that we've upgraded the Assets register to bring it in line with our Custom registers, and have introduced the new Risk Self-Serve View (SSV).

Assets register upgrade

• Assets now have unique item IDs, enabling better traceability and future-proof referencing.

• The Assets register has adopted the same UI, functionality, and import/export capabilities already available in our Custom registers.

• We’ve performed a data migration behind the scenes to transition the existing assets to the new format.

• To align with the new permissions model used in other registers, register-level access members have been removed, while item-level permissions remain unchanged. User access has been preserved.

• The 'Type' field is now managed under Assets custom attributes, replacing the previous 'Asset Type' section in Administration > Custom Data

  • Admins can enable, disable, or delete the field

  • Individual 'Type' options can also be edited or deleted

New Risk Self-Serve View (SSV)

We’ve introduced a new Risk Self-Serve View (SSV) in 6clicks Analytics module to significantly enhance report performance. This upgrade addresses key user feedback, particularly related to slow report loading times in the old view. The new SSV offers a faster, more reliable reporting experience, and we recommend users transition to this view for optimal performance.

When creating a new report, search for 'Risk Details (Advanced Self-Service View) v2.0'

We’re committed to making this a seamless transition for you. If you have any questions or concerns, our support team is here to help.

We’re excited to share that the Assets register is getting a major upgrade! This update brings it in line with our Custom registers, unlocking more power, flexibility, and consistency across your 6clicks experience.

What’s Changing?

As part of this enhancement:

• Assets will now have unique item IDs, enabling better traceability and future-proof referencing.

• The Assets register will adopt the same UI, functionality, and import/export capabilities already available in our Custom registers.

• We’ll be performing a data migration behind the scenes to transition your existing assets to the new format.

• To align with the new permissions model used in other registers, register-level access members will be removed, while item-level permissions remain unchanged. User access will be preserved.

What you might need to do:

• Review your data before the migration to ensure everything is up to date.

• Back up important records if you’d like to retain a snapshot before the update.

  • Note we have tested and don't expect any issues with the go-live, but you can back up your data set via an export for added measure if you choose.

• After the release, we recommend validating your asset data and settings to confirm everything is working as expected.

🚀 We are targeting a go-live date of 15-16 May 2025, depending on the time zone.

We’re committed to making this a seamless transition for you. If you have any questions or concerns, our support team is here to help.

Thanks,

Team 6clicks

We’ve rolled out a set of updates focused on improving data accuracy, assessment review process, and overall user experience. Here’s what’s new:

1. Improved validation for custom field names in registers

To prevent confusion and ensure data integrity, users can no longer create or rename a custom field with a name that already exists in the register—either as a default or custom field.

• Attempting to create or rename a field with a duplicate or restricted name will now trigger this error: "A field with this name already exists as a custom or default 6clicks field. Please choose a different name."

• Impact on imports: If duplicate field names already exist in a register, the import process will now fail due to conflicting header names. Users must resolve these conflicts before re-importing.

• Existing duplicate fields are not automatically renamed. However, any rename attempt will be subject to the new uniqueness check.

2. New ‘Partially compliant’ status in QBA assessments

We’ve added a new status option—Partially compliant—to the 'Compliance status' dropdown in QBA Assessments.

• Users can now select, filter by, and report on this new status.

• Indicators for this status appear in the UI when selected.

• Dev API support is included, so you can programmatically access the "Partially compliant" status via integrations.

• Analytics module supports the new compliance status: "Partially compliant" in QBA assessment reports

3. New permission: 'Projects & playbook task'

A new permission is available under General > My Tasks:

• When enabled, users can view and action all project tasks assigned to them.

• Linked data tab visibility depends on having the Projects & playbooks permission.

• Existing users with Projects & playbooks permission are granted this new permission automatically.

4. UI and performance improvements

We’ve made key updates to improve usability and performance:

• Standarized layout for the Risk review side panel and Overview tab.

• Optimized performance for the User Permissions dialog under the Administration area.

We've introduced several usability improvements and important bug fixes across our reporting and analytics capabilities.

Key updates:

• Bug fixes including export to PDF for dashboards

• Bar and column chart customisations - Added an option to configure the maximum bar width percentage or to specify an exact bar width in pixels for column and bar charts.

• Custom icon sets in conditional formatting - Users can now create and use custom icons for conditional formatting.

• Custom file name options on export - Users can choose a custom file name for any type of export, previously this was only available for PDF exports on Dashboards.

• Report style customizations - Objects such as the Visible Series Selection and Date Slider Widgets can now have their appearance customised, thus can be customized to match the branding applied to the system.

• Security improvements especially around login process.

We’ve introduced a new flow to ensure continuity when a user is deleted or deactivated. If the user being removed has items assigned to them, you’ll now be prompted to reassign those items to another active user on the team.

What’s new?

• When deleting or deactivating a user, a "Delete/Deactivate user & reassign items" dialog will appear only if the user has items assigned to them.

• The dialog displays:

  • The number of items currently assigned to the user

  • An option to reassign all items to another user

• Admins can choose one of the following:

  • Delete/Deactivate user & reassign items: All items are reassigned to the selected user. An email is sent listing all reassigned items. A separate email is sent just to the Admin user confirming the delete and reassignment.

  • Only delete/deactivate user:

    • With delete, the user is removed, and their items are unassigned. An email with the list of updated items is sent to the Admin.

    • With deactivate, the user is deactivated. Items are still assigned to the deactivated user and can be used to filter content. No email is sent.

  • Cancel: No action is taken.

Context-aware reassignment

• When deleting an advisor on a spoke, only items from that spoke are considered for reassignment, and only users/advisors from the same spoke can be selected.

• When deleting a respondent (third-party user):

  • Only users from the same third party (or third parties, if the respondent is linked to multiple) are available for reassignment.

  • If no valid users are found for reassignment, the UI will display a message indicating this and reassignment option will be unavailable.

Upcoming ➡️

In an upcoming release, we will offer further automation of ownership reassignment, in particular to handle user deletion or de-activation that occurs via SCIM Provisioning and bulk operations. New button to reassign all items from one user to another, directly from the Users page.

This change improves governance and auditability by allowing better control over ownership of items when team members are removed. Guidance is available on this KB article.

We’ve launched two powerful updates to supercharge your risk management programs.

Automated RTP workflow

When marking Risk Treatment Plans (RTPs) as Completed, you can now automatically transfer controls and provisions from the RTP to the Controls & compliance tab of the associated risk — saving time and reducing manual work. You can also keep track of controls and provisions being transferred via the Risk History tab.

📙 Learn more in the updated knowledge base article

New risk dashboard

Your reporting just got smarter! The new Risk Dashboard, called Risk Dashboard (New), offers a dynamic, visual snapshot of your risk landscape:

• Track trends in risk assessments, treatment plans, and risk ratings

• Drill down by risk status, domain, workflow stage, and more

• Understand risk posture at a glance with charts like the Risk Rating Radar, Risks by Domain, and Time to Due Date

Use filters across Risk, Assessment, and Treatment views to get the insights you need—fast.

💡 Available now under the Dashboards section in Reporting & Analytics

We are pleased to announce support for the SCIM 2.0 standard, allowing integration with Microsoft Entra ID and automated provisioning of users and groups.

Read more about it here.

New Developer API endpoints

New endpoints have been added for:

1. Getting responses to an assessment

2. Updating third party custom attributes

Combined with the Custom Workflow Builder, these endpoints allow for updating third party information based on their responses to an assessment.