Derive field value from another field’s value & Skip logic

Send tasks to other users on RBA requirements

Ability to bulk update register items to link data from other registers or modules.

Linking all register items from a QBA results page

Rather than filtering for the answered/unanswered questions, we want it to be presented like how the highlighted content is displayed in the attachment below. In the case of "Question :4 of 10" in the attached image refers to the number of the question you are currently answering. Instead of that we want it to be "2 of 10" if 2 questions are answered in total or "4 of 10" if 4 questions are answered in total. We are looking for something similar to this format.

Current behavior: When filtering by assessment owner, only the first person or group selected in the multi-select field is considered. As a result, assessments owned by others in the selection do not appear in the search results.

Request: Ensure that all selected owners in the multi-select field are included in the search, not just the first one.

Current Behavior: When using the Tags filter, only one tag can be selected during a search. Additionally, clearing the search field also removes any selected tags.

Request: Please allow multiple tags to be selected when searching. Clearing the search field should not remove the selected tags—new tags should simply be added to the existing selection.

The current report does not currently include information from all registers. We would like to request that the reports include all registers

To be able to change or edit the "Type" for the policies and controls that are being imported via Hailey. To be able to edit/change the type in either the "Edit" or "Published" status. At the moment you can only change the type if you 'manually' import the policies and controls, however you cannot change the type if it was imported via Hailey.  

Users of the platform often get multiple emails a day if they have many tasks allocated to them. Looking for an update that allows a user to receive a daily digest (customisable by administrators) summarising all tasks, risks, actions etc due for them.

Update the audits and assessments module with a UX similar to the risk and vendor module where you can select the columns you which to show on the main audit and assessment dashboard page. Example fields I am looking for are assessment due date reviewer.

Ability to download all files attached/uploaded to an issue/incident or (subordinate) task.

I would like the ability to define a shared introductory field within the 6clicks platform that displays the same static content for each risk. This field should support formatted text, helpful links, and attachments, and serve as a consistent guide or instruction panel for users reviewing or assessing risks.

Additionally, I propose implementing a similar shared introductory field for Issues.

Ref to the attached for the idea.

On the QBA results page, a new option 'Not applicable' is made available in the 'Compliance status' dropdown in order to review the responses as not applicable if the question wasn't applicable.

Total of 5 options will be available in the 'Compliance status' dropdown -
• Compliant
• Not compliant
• Partially compliant
• Not applicable
• None

It would be helpful to have a next and previous button for each register. This would allow you to set filtering and sorting or navigate to a workflow stage and page through items without the need to return to the register and click inot the next item.

I would like to request the addition of new fields in the report section, within the assessment. Currently, the following fields do not exist:

REPORTS, inside the assessment results.

RESPONSE DATA
TABLE
SELECT FIELDS
<<<insert new fields>>>
Question Id Ref
Question Group Name

<<ISSUES&RISK TABLES>>

Treatment Plan Description

Currently, the attestations cannot be sent to users who are not part of the system. My understanding is it can only be sent to internal users who have some role in the system.

We have a requriement where we would like to send to all vendor employees who have access to our environment an Acceptable Use policy for them to attest.

At the moment, we are planning to work around with some existing features.

We have created a questionnaire where the custom introduction is essentially the content of the policy. We then created a question which asks "Do you acknowledge and agree" with a "Yes/No" option.

Ideally, since you have the Attestation feature, it would be great if we could use attestation feature for this and if its linked to the Third Parties list. This way, we can see for a specific vendor, if they have completed their assessments, what risks they have and how many of their employees completed an attestation

1. DevAPI support for RBA assessments
2. PowerBI support

It would greatly enhance usability if the system could retain the selected number of items displayed per page (e.g., 50 items). Currently, when a user navigates for example into a risk and then returns to the register, the item count resets to the default of 20. This requires manually changing the setting each time, which interrupts workflow efficiency.

Issue:
In the Assessment module, questions with skip conditions are still displayed even when the condition to skip them is met.

Suggested Enhancement:
Introduce an option to hide skipped questions entirely from the user interface and output when skip logic is triggered.

Benefit:
This would allow better control over assessment flow, reduce user confusion, and improve data relevance by displaying only applicable questions.

Automate ISO27001:2013 Risks Control & Compliance update when updating to ISO27001:2022 using the control sets and standards applicable to the assessments and issues.

Can you please develop a method to perform a bulk Risks Control & Compliance update linking them to published Control sets and Standards.

The existing template is not reflecting the newly added controls while linking in the assessment. The recommendation is if we add any control in control set , it should reflecting in assessment while linking.

When linking any data (risks, assets, controls, issues, custom registers etc.), the linkage should be two-way.
If I link an asset with a risk, an issue, a control and a custom register entry, I should be able to go to any of these modules, select the respective entry and view the asset that they are linked to.

Currently, I can link assets with controls, but cannot view what assets are linked with each control from the "Controls" module.

Add the API call for Risks to include the Tags information associated to them.