We’re excited to announce that the latest PCI DSS 4.0.1 content is now available in the 6clicks Content Library, bringing a more streamlined and ready-to-use experience for your compliance assessments.
What this means for you
Pre-configured Content: The PCI DSS 4.0.1 release includes the Authority and a complete Assessment template setup.
Ready-to-Use Assessments: Assessment templates come with pre-set fields, rules, and the RoC (Report on Compliance) template, so you can start right away.
Simplified Compliance Workflow: Quickly respond to assessments and generate reports with minimal setup.
Time efficiency: Generate the entire ‘Findings and Observations section’ in seconds and not in days, accelerating your reporting process.
This update makes it easier than ever to manage PCI DSS compliance—consistent, efficient, and ready to go. Head to the Content library to explore the PCI DSS 4.0.1 content
We’ve introduced new capabilities to make it easier for Hub users to distribute and maintain Control Sets across spokes in your Hub & Spoke environment.
What’s new?
Smarter update handling: When pushing control sets to multiple spokes, the system now automatically determines whether each spoke should receive a new control set or an update to an existing one.
‘Update existing’ option:
Existing control sets in spokes can now be updated instead of always being recreated
Linkages (e.g., to risks or tasks) are retained, ensuring continuity of related data
If a spoke doesn’t already have the control set, it’s created there automatically
Safe update logic:
If a Control ID changes → the old control is deleted, and a new one is created (linkages not retained).
If a Responsibility name changes → the old responsibility and its tasks are deleted and recreated (linkages not retained).
This enhancement reduces duplication and data loss when maintaining shared control sets across spokes — making Hub-driven updates more reliable and efficient. Read more here - KB Article.
Key Improvements
We’re updating the Risk Details (Advanced Self-Service View) to improve performance, scalability, and data accessibility across the Analytics module.
The new version will enable users to:
✅ Experience faster query and load times
✅ Build more dynamic and accurate self-service reports
Once deployed, customers will be able to create new reports using the updated SSV, while the old SSV will be decommissioned.
Reports previously built on the old SSV will continue to work but will no longer be editable.
What You Might Need to Do
Review any existing Risk Details reports that rely on the old SSV.
If you need to make edits or build new versions, plan to recreate them using the new SSV after deployment.
Otherwise, no immediate action is required — your current reports will remain accessible and functional.
Deployment Schedule
📅 Target Deployment Date: November 18, 2025
This update is part of our ongoing improvements to the Analytics module to enhance speed, reliability, and data depth.Stay tuned for further updates as we continue optimizing the reporting experience across modules.
As part of our ongoing efforts to enhance performance and stability across the Analytics module, we are decommissioning the legacy Risk reports and replacing them with new, optimized versions.
These legacy reports have been identified as key contributors to performance bottlenecks, occasionally causing the analytics environment to slow down or temporarily stall. The new reports are optimized for performance and scalability, ensuring a faster and more stable user experience across all tenants.
Key Improvements
Faster load times: New reports load 20–30% faster than before. Improved stability: Reduces the likelihood of slowdowns or timeouts when viewing Risk data. Enhanced data model: Includes linked entities and relationships from Risks to other modules. Better user experience: Streamlined design and improved consistency across dashboards.
Reports Affected
Legacy reports/ ssv to be decommissioned:
Risk Register
Risk Treatment Plan Report
Risk Register (Hub)
Risk Treatment Plan Report (Hub)
Risk Details (Advanced Self-Service View)
New optimized reports/ssv replacing them (same names):
Risk Register
Risk Treatment Plan Report
Risk Register (Hub)
Risk Treatment Plan Report (Hub)
Risk Details (Advanced Self-Service View) v2.0
Additionally, the Risk Register and Risk Treatment Plan Report within the Risk Dashboard will also be replaced with their optimized counterparts.
We’re excited to introduce the Rule Builder, a powerful new capability that brings intelligence and automation to your assessments in 6clicks. With this feature, admins can define rules that dynamically show or hide fields based on context—so assessors see only what’s relevant to each requirement or control.
What this means for you
- Smarter Assessments with Rules
Dynamic Display Conditions: Configure when fields appear based on key attributes such as requirement category, control type, or other contextual factors.
Flexible Configuration: Create, edit, or delete rules directly from your workspace.
Streamlined Experience: As assessors complete assessments, fields automatically adjust in real time based on the rules you’ve defined—keeping forms concise and focused.
For example, during a PCI DSS assessment, the Rule Builder ensures only fields related to the applicable requirement are visible—like showing “Assessment findings” only for parent requirements. This keeps assessments precise, faster to complete, and easier to review.
- Enhanced User experience
Create and manage custom assessment fields—now moved from the side panel into a central grid(when creating an assessment in Draft status), for easier setup
Head to the Assessments module to start creating your first set of rules today.
We’re excited to announce a powerful new capability for our Enterprise Hub & Spoke customers — the ability to transfer and share risks between spokes.
Sharing a Risk
Easily share a single risk with other spokes while maintaining ownership in the originator spoke.
Key highlights:
Share risks with one or multiple spokes.
Originator spoke retains full ownership & edit rights.
Destination spokes get view-only access to the shared risk.
Add specific users or groups in the destination spoke who can view the risk.
Notifications sent via email + in-app alerts.
If the risk is archived in the originator spoke, sharing is automatically removed.
👉 Use case: Perfect when a risk impacts multiple parts of the business and everyone needs visibility without duplication.
Transferring a Risk
Move risk ownership from one spoke to another while ensuring accountability and visibility.
Key highlights:
Transfer full ownership of a risk to a destination spoke.
Originator spoke retains read-only access to the transferred risk.
Requires at least one new risk owner in the destination spoke.
Notify destination users, originator users, and even external stakeholders.
A risk can be transferred only once. After transfer, it can still be shared.
Spoke-level custom fields & linked data are not transferred.
When a risk is transferred, its history log from the original spoke stays behind but remains visible in read-only mode.
👉 Use case: Ideal when accountability for a risk needs to shift from one team or region to another.
How to enable?
Hub Admins can configure permitted spokes and guidance text under Administration > Settings > Features.
Once a spoke is added to the permitted list, Spoke Admins get permissions by default; Advisors can grant permissions to themselves and others if required.
For comprehensive steps, learn more at - Transferring & sharing risks between spokes
Adding Shared & Archived filters to reports and dashboards
For all the out-of-the-box reports and dashboards, Shared & Archived filters would be available by default.
For the custom reports and dashboards that are created using the Self-Serve report option, you’ll need to add the filters to your report/dashboard -
The following two fields needs to be dragged onto Filters section of a report and then filters should be enabled on the dashboard. Please follow the KB article link for help.
This feature is available now for all Enterprise Hub & Spoke environments. If you’re unsure whether it applies to your setup, please reach out to your 6clicks representative.
Risk forms
We’re excited to announce that you can now create business-facing, multi-step forms to capture risks directly into 6clicks. This makes it simple for anyone – whether employees, contractors, or partners – to flag risks without needing a login.
What this means for you
You can design your own form, choosing which risk fields appear.
Decide whether to include a risk assessment as part of the submission.
Set up routing rules so submitted risks land in the right stage and with the right owner automatically.
Why this matters
Broader visibility: Risks can be raised by anyone, not just platform users.
Less admin overhead: Submissions go straight into the risk register, ready for triage.
Better governance: Every risk is categorized and actioned from the start.
With this feature, risk management becomes more accessible across your organization, helping you identify and address risks earlier.
Learn more at our knowledge base.
AI-powered compliance mapping uplift
We’ve upgraded compliance mapping in 6clicks to make it faster, smarter, and easier to use. These improvements help you better align your internal controls and policies with frameworks, standards, and regulations, reduce manual mapping effort, and gain clearer insights into your compliance posture.
Key enhancements
Simplified comparison tags: Quickly understand how items map across frameworks with streamlined, intuitive tags.
AI mapping insights: AI suggests and explains relevant mappings, saving time and improving coverage.
Improved mapping engine: Benefit from a more accurate and faster AI-powered mapping engine.
Benefits
Clarity: Cleaner, more consistent tags make it easier to interpret mapping results.
Efficiency: AI-driven suggestions accelerate the mapping process and reduce manual effort.
Accuracy: The improved engine delivers better results, even for complex or large-scale mappings.
With these enhancements, compliance mapping is now more powerful and user-friendly, helping your team streamline alignment across multiple standards.
Head to the compliance module to start mapping!
We are excited to share that Requirement Based Assessments (RBA) are getting better and more efficient. This update focuses on simplifying the assessment lifecycle by removing unnecessary steps, improving navigation, and providing better organization of response data and attachments.
✨ What's New
Simplified navigation
When editing an assessment, the tabs displayed change depending on the assessment status:
Draft status: Shows tabs for assessment configuration
In Progress status: Show tabs for collecting responses against requirements
Streamlined workflow process
Publish step removed: As we found that the Published status was an unnecessary step, to streamline assessment creation we have removed this stage.
Simply change the status to 'In-Progress' when ready to start collecting responses
The 'Date Published' field will no longer be populated. Existing template reporting will continue to show this field data but going forward, the value will be 'null' for new assessments.
Existing assessments with 'Published' status will be transitioned to 'Draft' status automatically - you do not need to do anything. All other assessment data will remain unchanged.
Submit action not required: Once the response has been completed, simply move the status to 'Completed' to lock the response from further edits
Assessments in Closed status can now be moved to any other status as needed
All status changes are automatically logged in the assessment history
Note that RBA templates still require the publish step to ensure changes are saved and prevent further edits
Reorganized side panel
Some tab names have been renamed:
'Data' tab → 'Response' tab: Focused specifically on filling response fields for each requirement
'Requirement details' tab → 'Details' tab: Displays comprehensive requirement information and linked data
'Notes & Guidance' tab → 'Notes' tab: Streamlined access to relevant notes
Some new tabs have been added:
'Linked Data' tab: Easily link issues, risks, or other relevant data as part of your response
'Attachments' tab: Dedicated space to upload, view, and manage all assessment attachments
The 6clicks status page now supports subscribing only to the regions you are interested in. Here's how:
Visit the status page
Click Subscribe
Enter your email
Choose "Get Manage Link"
Follow the instructions in the email received to manage your subscription
Please see 6clicks instances to find out which region you are connected to.
A raft of new endpoints, new functionality, and bug fixes have been released for the Developer API and PowerBI connector over the last two weeks.
Changes include:
The following data is now retrievable from both the Developer API and PowerBI. Please download the latest PowerBI connector under Administration > Integrations > PowerBI.
Custom register items
Risk assessments
Assessment responses and assessment audit dates
Teams/tenants (including both hub and spokes)
Spoke groups
Issues and incident owners, including both users and groups
Project and playbooks now returns an IsArchived property so that archived projects can be filtered from results properly
Risk access members and user-type custom fields
User roles
A new endpoint to update assessment status has been added
The endpoint for creating an assessment from a template has been improved
Bug fix: The workflow status is now correctly returned when the workflow is managed at the Hub
We've introduced a way to define assessment's scope by using assessment description field and data linking. This enhancement ensures risk and compliance teams can capture comprehensive assessment scope with supporting data alignment from the very beginning of their assessment process.
This capability is available in both 'Question based' and 'Requirement based' assessments.
User interface changes
Assessment overview tab simplified and now accessible through a dedicated button
A new Linked data tab to manage all the content linked to an assessment
Data linking and reporting
Linked data tab enables the linkage of relevant datasets including:
Authorities (standards and frameworks)
Assets
Any register item
Template reporting support
New placeholders are available via the template reporting (Reports tab) to induce this data into your reports
Assessment description, and
Assessment linked data
Learn more
Question based assessment: Knowledge base article
Requirement based assessment: Knowledge base article
Template reporting: Overview data
The Developer API has been expanded with additional endpoints for:
Retrieving user roles
Retrieving risk access members and custom fields
Retrieving custom register item and issue & incident owners
Retrieving Project and Playbook archived status
An updated PowerBI connector supporting these changes will be available later this week.
We've significantly enhanced the response page center grid to give you greater control over your assessment view. This update delivers improved flexibility, performance, and configuration options to streamline your response collection process.
🔧 Flexible column display
Take full control of your data view by selecting exactly which fields to display:
Requirement details: Choose from Description, and all other provision fields
Assessment fields: Display any assessment-related data columns
📐 Customizable layout
Tailor the grid layout to match your needs:
Adjustable column widths: Resize columns to optimize your viewing experience
Column positioning: Arrange columns in your preferred order
Word wrap: Text wrapping is enabled for better readability of longer content
Personal preference: Your grid configuration is automatically saved and preserved for future sessions
⚡ Performance boost
Experience smoother, faster navigation:
Enhanced loading: Quicker page transitions when working with requirements
Optimized rendering: Improved grid performance for large datasets
Learn more on responding to a requirement based assessment.
What's Next?
We're continuing to enhance assessment capabilities with more efficiency improvements and streamlined workflows. Stay tuned for additional updates designed to make your compliance work even more productive.
General performance and stability uplift in compliance mapping.
🚀 Performance Enhancements
Dramatic speed improvement: Reduced compliance mapping execution time from 2 hours to under 2 minutes (98% reduction)
Optimised data processing algorithms for faster rule evaluation
Implemented parallel processing for concurrent compliance checks
Added intelligent caching for frequently accessed compliance rules
🛡️ Stability Improvements
Significantly reduced crashes: Enhanced error handling and memory management
Replaced legacy embeddings system that caused application instability during large mapping operations
🔧 Technical Improvements
Refactored core mapping engine for better resource utilisation
📊 Impact
Processing time: 2 hours → < 2 minutes
User experience: Seamless, near real-time compliance mappings
📎Projects & playbooks
We’ve just launched a major upgrade to the projects & playbooks module that makes creating, scoping, planning, and actioning projects, playbooks, and audits easier than ever:
Fresh new look and faster template creation
Link GRC data—assessments, risks, issues, register items, third parties & more—to tasks
Ideal for structured execution across audits, client projects, compliance initiatives, risk programs, and more
Check out the knowledge base articles here.
Rollout times (UTC):
UAE – 02:00
UK & US – 04:00
AU – 08:00
JP & SG – 10:00
🔎Other updates
Performance improvements across Assessment module