On the QBA results page, a new option 'Partially compliant' is made available in the 'Compliance status' dropdown in order to review the responses as partially compliant if it meets the criteria partially.
Total of 4 options will be available in the 'Compliance status' dropdown -
For SOX compliance we're performing quarterly Access Recertifications. Whilst recurring quarterly, the actual work needs to be done within a 30 day window at the end of the quarter.
Currently new tasks for assignees are generated as the previous due date expires... which for this use case is 2 months too early.
Having a 'Start Date' (perhaps set relative to the Due Date - e.g. 30 days before due date), with assignee tasks generated on that date, would make things soooo much smoother!
Thanks team.
Admins can now assign 'Spokes to User-groups' (Hub only) which would ensure that all the users within those user-groups automatically become Advisor for those spokes.
Our poor 3rd parties are sick of doing Vendor Risk Assessments annually and having to re-key all the data in (via 6Clicks Assessment), and in 6Clicks the ability for by default the form to be pre-filled from previous vendor response would make it a much easier sell to get their current status. Allow for select fields to be excluded where we want a new response (I wouldn't use this, but some clients may). It would also mean we could analyse quickly were a vendor response has changed from last year and just look at the exceptions!
Add the stage access and stage requirements from risk workflows to the issue/incident workflow (and other workflows that are added in future).
This would add more options to incident management and allow for mandating certain fields be completed before stage change (e.g. closure).
While system fields such as “Risk owners” and “Access members” effectively differentiate between users and groups, custom fields currently lack this functionality.
To enhance user experience and reduce confusion, it would be beneficial to implement a clear indication of whether a selected value from the dropdown menu is a user or a group. This improvement would align custom fields with the existing system fields’ practice and provide a more intuitive interface.
Adding support for skipped questions in the Assessment's Pixel perfect templated reporting.
Similar to Risk Treatment Plan permissions, Admins will have an ability to grant permissions to only view Project & Playbook tasks
When a Risk treatment plan (RTP) is closed, the controls linked to the RTP are linked to risk automatically.
We need to see all the assign and completed task by default as well small dashboard when its show by stage like new, completec and open.
Hi Team, it would be very helpful to be able to customise the Risk ID. Keeping the current option as well where it is generated by the system.
Regards,
Joe
Currently the 6Clicks Zapier integration has limited actions available.
Create Issue or Incident - This is available as an action in Zapier but the response returned is limited. I can see that the issues-api/1.0/issues can return more things after creation
Get/Update Issue or Incident - Currently there isn't a way to get or update an existing Issue or Incident in Zapier
Custom API Request - Some Zapier integrations have this option like Slack and Atlassian. It allows API request to any of the rest endpoint with the authentication already handled by the Integration. For example this could open up all of the 6Click Developer API endpoints to Zapier.
From the Users list, ability to select multiple users and delete all at once. Currently, users can only be deleted one-by-one.
Create QBA based on authority/control sets. Option to create question per provision/control or per short text custom field for large authorities (i.e. category)
Suggests controls from any control sets to link