Flexible pricing tailored to your organization
Choose a plan that fits your needs.
ENTERPRISE
GRC that works where others can’t, without limits and pricing complexity
Sovereign deployment, full GRC Core, and all-inclusive pricing based on the size of your organization and the number of Spokes you need.
Request enterprise pricing-
Unlimited users
Onboard your entire organization without restrictions.
- No usage limits
- Unlimited vendors
- No per-seat pricing
-
Unlimited content
Standards, frameworks, control sets, audit templates and risk libraries ready to go.
- Unlimited frameworks
- Unlimited use cases
- Upload your own content
-
Multi-entity deployment
Hub & Spoke for centralized oversight with local autonomy across entities.
- Deploy Spokes from one Hub
- Full data separation per entity
- SaaS, sovereign cloud, self-hosted, or GRC Appliance
-
Full GRC Core
Risk, compliance, and audit powered by Hailey AI and the GRC Knowledge Graph.
- All features and modules
-
Hailey AI engine
-
Analytics and reporting
ADVISORS & MSPS
Unlimited scale and predictable cost built on sovereign GRC infrastructure
White-label capabilities, streamlined multi-client management, and flexible licensing and deployment for scalable service delivery.
Become a 6clicks partner-
White-label customization
Your branding, your domain, your content. Deliver a consistent client experience.
- Custom colors, logo, and email domain
- Upload your own content and IP
- Your web domain
-
Multi-client deployment
Hub & Spoke architecture for centralized oversight with client autonomy.
- Deploy and manage client Spokes from one Hub
- Full data separation per client
- SaaS, sovereign cloud, self-hosted, or GRC Appliance
-
Assessment Only License
One-off client assessments with a built-in path to full managed services.
- Unlimited client response-only users
- Unlimited frameworks and content
- Unlimited audits and assessments
-
Full Feature Spoke License
Full managed services and vCISO engagements at scale.
- Unlimited client users
-
All features, modules, and Hailey AI
-
Analytics and reporting
Need help choosing the right plan for your organization?
Our team can provide a free assessment to evaluate your needs and recommend the right plan.
COMPARE FEATURES
The functionality you get at a glance
Every plan includes the GRC Core, Hailey AI, and the Content Library. Scale up with modules, Spokes, and deployment options as your program grows.
-
Hyperscaler cloudLocal cloud (sovereign, in-country)Self-hosted (customer-managed)6clicks GRC Appliance (for air-gapped environments)
-
Define your own content and create your own exclusive content libraryShare content across teamsIntegrated frameworks, standards, laws, and regulationsPre-defined risk and issue libraries, audit and assessment templates, obligation and control sets, and projects and playbooks
-
Hub for central access and controlSpoke grouping and segmentationSpoke templatingBulk-assess Spokes
-
Pre-built reportsDashboardsLiveDocs stories and presentationsCustom report builderSend reports to external team membersPower BI connector for advanced analyticsRolled up reporting and analytics across Spokes
-
Role-based access control (RBAC)Multi-factor authentication (MFA)Single sign-on (Okta, Azure AD, PingID)Data-level permissionsCustom brandingUse your own email domain for notificationsUse your own domain - i.e., grc.yourdomain.com
-
Developer API using REST architectureBuild custom GRC workflows and trigger internal and external eventsExport and integrate data for advanced reportingBuild custom control tests
-
Unlimited question and requirement-based assessmentsEvidence upload and attachmentsAI-powered risk and issue recommendationsAI-powered audit and assessment response generationMapping to controls and authoritiesAssessment tagging and categorizationAssessment and question-level access controlRecurring and scheduled assessmentsSkip logic for assessment branchingDefine your own content and create your own exclusive content libraryDefine your own content and create your own exclusive content library
-
Audit evidenceAudit reportsCustom workflowsAudit findings and actionsAudit universe and plan
-
Risk registersRisk reviewsRisk librariesCustom workflows, fields, and stage requirementsCustom risk assessment frameworksTag managementCreate risk treatment plansAI-powered risk treatment plan generationAssignment and management of risk treatment plansRisk access controlLink risks to controls, issues, third parties, assessments, custom registers, and moreRisk hierarchy
-
Unlimited vendorsRecurring and scheduled assessmentsAutomated vendor assessments and linking to risks and issuesAI-powered creation of risks and issues from vendor assessmentsCustom fields and vendor onboarding formsCustom onboarding and assessment workflowsTag management
-
Issue and incident registersIssue and incident librariesCustom fields and workflowsTag managementTask creationAI-powered task generationTask assignment and managementIssue and incident access controlIntegrate with your ticketing softwareCustom issue and incident submission formsLink issues and incidents to controls, risks, third parties, assessments, custom registers, and more
-
Manage obligations or control setsAssignment of control responsibilitiesEmployee policy viewerAI-powered control-to-authority mappingAutomatic updates to control linkages for new versions of standards and frameworks
-
Compliance obligation managementManual compliance mappingAI-powered compliance mapping
-
Automated and continuous testing of internal technical controlsReal-time alerts for control failures, configuration issues, and security incidentsReporting, including test coverage, pass-fail ratios and control performanceActionable recommendationsIntegrations with cloud providers and monitoring tools (Wiz, Laceworks, Azure, and more)
-
Unlimited custom registers and register itemsCustom fields and workflows per registerTask assignment and managementAI-powered task generationLink register items to issues, incidents, risks, and moreData entry via integrations and APIsTag managementRegister access control
-
Pre-built reportsDashboardsPower BI connector for advanced analyticsCustom report generator
-
Conversational AI assistant built for cyber GRCReal-time insights into your GRC programContext-aware responses powered by AI and your dataNavigate to assessments, risks, issues, third parties, controls, and moreContextual support, education, and 6clicks Knowledge Base article recommendations
-
Unlimited assetsCustom fields and workflowsTask assignment and managementAI-powered task generationLink to issues, incidents, risks, vulnerabilities, custom registers, and moreIntegrate with your CMDBTag managementAsset access control
-
Ingest vulnerability data from scanning tools (Qualys, Nessus, and more)Pre-defined mappings to Qualys and NessusDefine your own mappings for any scanning toolAutomated linkage to assets, risks, and issues
-
Share audits, assessments, and control setsProfile viewer access managementPublic Trust Portal profiles and contentTag managementUpload certifications and supporting documentation
-
Run attestation flows for control sets and risksUnlimited attestation respondents
-
Create project and playbook templatesCreate, assign and manage tasksLink projects and playbooks to assessments, audits, risks, issues, custom registers, and moreTrack and report on progress
-
Hyperscaler cloudLocal cloud (sovereign, in-country)Self-hosted (customer-managed)6clicks GRC Appliance (for air-gapped environments)
-
'Lite' Assessment-Only SpokesAdvisor accessDemo Spoke
-
Client Spoke grouping and segmentationClient Spoke templatingHub for central access and control with unlimited advisor accessBulk-assess client Spokes
-
Your own custom branding and logosEmbed your own contentCreate your own exclusive content libraryUse your own email domain for notifications For configurationUse your own domain - i.e., grc.yourdomain.com For configuration
-
Define your own content and create your own exclusive content libraryShare content with clientsIntegrated frameworks, standards, laws, and regulationsPre-defined risk and issue libraries, audit and assessment templates, obligation and control sets, and projects and playbooks
-
Unlimited response-only access for clientsRole-based access control (RBAC)Multi-factor authentication (MFA)Single sign-on (Okta, Azure AD, PingID)Data-level permissions
-
Pre-built reportsDashboardsLiveDocs stories and presentationsCustom report builderSend reports to external team membersPower BI connector for advanced analyticsRolled up reporting and analytics across client Spokes
-
Developer API using REST architectureBuild custom GRC workflows and trigger internal and external eventsExport and integrate data for advanced reportingBuild custom control tests
-
Unlimited question and requirement-based assessmentsEvidence upload and attachmentsAI-powered risk and issue recommendations Full Feature Spoke only
AI-powered audit and assessment response generation Full Feature Spoke onlyMapping to controls and authoritiesAssessment tagging and categorizationAssessment and question-level access controlRecurring and scheduled assessmentsSkip logic for assessment branching -
Audit evidenceAudit reportsCustom workflowsAudit findings and actionsAudit universe and plan Full Feature Spoke only
-
Risk registersRisk reviewsRisk librariesCustom workflows, fields, and stage requirementsCustom risk assessment frameworksTag managementCreate risk treatment plansAI-powered risk treatment plan generationAssignment and management of risk treatment plans Full Feature Spoke onlyRisk access control Full Feature Spoke onlyLink risks to controls, issues, third parties, assessments, custom registers, and more Full Feature Spoke onlyRisk hierarchy Full Feature Spoke only
-
Unlimited vendors Full Feature Spoke onlyRecurring and scheduled assessments Full Feature Spoke onlyAutomated vendor assessments and linking to risks and issues Full Feature Spoke onlyAI-powered creation of risks and issues from vendor assessments Full Feature Spoke onlyCustom fields and vendor onboarding formsCustom onboarding and assessment workflows Full Feature Spoke onlyTag management Full Feature Spoke only
-
Issue and incident registersIssue and incident librariesCustom fields and workflowsTag managementTask creationAI-powered task generation Full Feature Spoke onlyTask assignment and management Full Feature Spoke onlyIssue and incident access control Full Feature Spoke onlyIntegrate with your ticketing software Full Feature Spoke onlyCustom issue and incident submission forms Full Feature Spoke onlyLink issues and incidents to controls, risks, third parties, assessments, custom registers, and more Full Feature Spoke only
-
Manage obligations or control sets Full Feature Spoke onlyAssignment of control responsibilities Full Feature Spoke onlyEmployee policy viewer Full Feature Spoke onlyAI-powered control-to-authority mapping Full Feature Spoke onlyAutomatic updates to control linkages for new versions of standards and frameworks Full Feature Spoke only
-
Compliance obligation management Full Feature Spoke only
Manual compliance mapping Full Feature Spoke onlyAI-powered compliance mapping Full Feature Spoke only -
Automated and continuous testing of internal technical controls Full Feature Spoke only
Real-time alerts for control failures, configuration issues, and security incidents Full Feature Spoke only -
Unlimited custom registers and register items Full Feature Spoke onlyCustom fields and workflows per register Full Feature Spoke onlyTask assignment and management Full Feature Spoke onlyAI-powered task generation Full Feature Spoke onlyLink register items to issues, incidents, risks, and more Full Feature Spoke onlyData entry via integrations and APIs Full Feature Spoke onlyTag management Full Feature Spoke onlyRegister access control Full Feature Spoke only
-
Pre-built reportsDashboardsPower BI connector for advanced analyticsCustom report generator
-
Conversational AI assistant built for cyber GRC Full Feature Spoke onlyReal-time insights into your GRC program Full Feature Spoke only
Context-aware responses powered by AI and your data Full Feature Spoke onlyNavigate to assessments, risks, issues, third parties, controls, and more Full Feature Spoke onlyContextual support, education, and 6clicks Knowledge Base article recommendations Full Feature Spoke only -
Unlimited assets
Full Feature Spoke only
Custom fields and workflows Full Feature Spoke onlyTask assignment and management Full Feature Spoke onlyAI-powered task generation Full Feature Spoke onlyLink to issues, incidents, risks, vulnerabilities, custom registers, and more Full Feature Spoke onlyIntegrate with your CMDB Full Feature Spoke onlyTag management Full Feature Spoke onlyAsset access control Full Feature Spoke only -
Ingest vulnerability data from scanning tools (Qualys, Nessus, and more)
Full Feature Spoke only
Pre-defined mappings to Qualys and Nessus Full Feature Spoke onlyDefine your own mappings for any scanning tool Full Feature Spoke onlyAutomated linkage to assets, risks, and issues Full Feature Spoke only -
Share audits, assessments, and control sets Full Feature Spoke onlyProfile viewer access management Full Feature Spoke onlyPublic Trust Portal profiles and content Full Feature Spoke onlyTag management Full Feature Spoke onlyUpload certifications and supporting documentation Full Feature Spoke only
-
Run attestation flows for control sets and risks Full Feature Spoke onlyUnlimited attestation respondents
Full Feature Spoke only
-
Create project and playbook templates Full Feature Spoke onlyCreate, assign and manage tasks Full Feature Spoke onlyLink projects and playbooks to assessments, audits, risks, issues, custom registers, and more Full Feature Spoke only
Track and report on progress Full Feature Spoke only
WHY 6CLICKS
Trusted where getting it wrong is not an option.
Government, defence, and critical infrastructure.
96
%Customer satisfaction rate
80
%Increase in efficiency through AI automation
100
%Channel-aligned for tailored advisory and MSP delivery
1000
+Frameworks across industries and use cases
5000
+Users in 40+ countries
Trusted globally for smarter risk and compliance
BENEFITS
What comes with your 6clicks license
AI, automation, and architecture—see the features that power smarter risk and compliance.
Hub & Spoke
Proprietary architecture and deployment model designed to support advisors and federated teams with centralized control and local autonomy across entities or clients.
Integrations
Seamlessly connect with the tools you need to automate cybersecurity, risk, and compliance.
Automation & Intelligence
From real-time control monitoring to AI-driven insights, streamline compliance and decision-making with intelligent automation.
Marketplace & Content
Get access to 1,000+ official standards, regulations, and other content, plus apps and services—all in one Marketplace for GRC.
Hosting
Secure, compliant hosting your way: choose from public, government, dedicated, or customer-managed private cloud deployments.
Not sure which plan is right? Let’s map it together.
We’ll recommend the right plan pathway based on scope, frameworks, and rollout needs—or message us and we’ll point you in the right direction.
FAQs
Frequently asked questions
We've compiled the most important information to help you get the most out of your experience. Can't find what you're looking for? Contact us.
- A Hub is the central environment where you can manage multiple clients, entities, or business units. Each Spoke is an instance of the 6clicks platform, providing a separate environment that allows each client, entity, or business unit to operate independently while staying connected to the Hub.
- 6clicks offers flexible, all-inclusive pricing tailored to different types of organizations, from enterprises to advisors and MSPs. Costs vary depending on the size of your organization, the number of Spokes, and whether you need Assessment Only or Full Feature licensing solutions. Unlike other platforms, there are no per-user, per-module, or per-framework charges—and no hidden implementation costs.
- We offer a free, tailored walkthrough with our 6clicks experts so you can explore the platform, experience its core capabilities in action, and understand exactly how it aligns with your specific use case before committing to a plan. Simply sign up to get started and see how it works for your needs.
- Depending on your license type, you’ll have access to different levels of capability. An Assessment Only license covers core functions like audits and assessments, risk and issue management, and reporting & analytics. Meanwhile, a Full Feature Spoke license unlocks 6clicks’ complete suite of GRC tools, including compliance and control management, vendor oversight, and advanced features like Hailey AI and custom-built integrations.
- No. 6clicks provides full implementation and support at no additional cost. From day one, you’ll have onboarding and user/admin training, full access to our Knowledge Base and community, and ongoing product consulting. Each customer is also assigned a dedicated Customer Success Manager and technical point of contact to ensure adoption and a smooth experience. For partners, we also provide expert guides, co-marketing assets, and sales enablement materials to help maximize the value of 6clicks.
- 6clicks provides global hosting with instances in Singapore, Japan, Australia, Qatar, UAE, Germany, and the United States. To meet specific regulatory and organizational needs, we also offer a full range of options including public, private, dedicated, and sovereign cloud deployments, giving you complete flexibility to choose the hosting model that works best for your environment.
- For enterprise licenses, 6clicks provides unlimited users, vendors, assessments, and content with no restrictions. For advisors and MSPs, unlimited access is included with a Full Feature Spoke license. With an Assessment Only license, you still get unlimited users, content, and assessments, while vendor management is available when you upgrade to Full Feature Spoke.