Releases that occurred throughout the First Quarter of 2024.
March 2024
12.64.0 Release - March 27th
Risk Monitoring Updates - Very High Critical Rules
- We have updated our Risk Monitoring and Alerting to include Very High Critical rules from Recorded Future
Bugs:
- Some Third Parties had been assigned an inaccurate business classification previously; those have been updated to match the correct business classification.
12.62.0 Release - March 13th
Password Policy Change
Our password policy has been revised to only include a length requirement of at least 12 characters. Users can now create a password without including uppercase letters, lowercase letters, special characters, or numbers.
12.61.0 Release - March 6th
Assessment Completion Dates Added to Company Profile Pages
On the Risk Profile tab of Company Profile Pages, the assessment submission date and the validation completion date are now listed for reference, when applicable.
February 2024
12.60.0 Release - February 28th
Bugs:
-
- SSO users’ access to their vendor’s third-party documentation has been restored and can open it again.
January 2024
12.56.0 Release - January 31st
NEW!! Risk Navigator
Risk Navigator is now available for all users on the ‘Risk Profile’ tab of Company Profile Pages. This feature enhances the existing Framework Mapper functionality by including the following:
- An in-platform table view of the framework mapping results that supports extensive customization of the data being displayed within and its overall format.
- The table consolidated data points found previously across the Company Profile Page, such as control findings, mitigation strategies, more granular validation insights, MITRE tactic data, and conflicting responses.
- Predictive findings were previously limited to the top five control findings, this has been expanded so you can view all findings associated with a predictive assessment
- Finding scoring logic was enhanced to treat Critical Controls more severely, refer to this document for more details.
- All of these additional data points will be accessible in the excel download as well in a CSV table export. The CSV table export option is helpful for capturing a snapshot in time of the exact table sort order, the column order, the columns being displayed, and any filters you had applied at the time of exporting the data.
Refer to this overview document as well as a helpful FAQ to gain more insights into how to use this feature and these changes.
The following changes will also be observed throughout the Company Profile Pages. These changes were made in order to best consolidate and remove redundant features whose data is now included in Risk Navigator (ie Findings data, validation data, etc.).
-
New tab order:
- ‘Risk Profile’
- ‘Assessment’
- ‘Documents’
- ‘Company Information’
- ‘Monitoring’
-
Updated tab contents:
-
‘Assessment’
- Includes all previous features in addition to the MITRE tactics coverage chart that was found previously on the ‘Findings’ tab
-
‘Documents’
- Consists of the ability to request and view third party documents
-
‘Monitoring’
- Consists of Risk Recon and Recorded Future widgets
-
‘Assessment’
Similarly, now redundant features that were once found on the ‘Results’ tab of the Assessment Dashboard have been removed, such as the Findings table and the Validation results. Third party’s can find these equivalent data sets on their own Company Profile Page within the Risk Navigator feature.
12.55.0 Release - January 24th
New Auto Inherent Risk (AIR) indicator within Impact Questionnaire
We are excited to introduce the Auto Inherent Risk indicator on the Impact Questionnaire which will be tailored for each company’s industry. This option has been designed as the default response within the Inherent and Residual Risk calculations. It is the most frequently chosen response and serves as the default in cases where an answer is not provided. This enhancement aims to streamline risk assessment processes and ensure efficient decision-making.
Bug:
The issue surrounding the stalled ‘Potential Risk Digest - 3rd Party Risk’ emails have been fixed and they will be delivered as usual on Wednesdays. This week will include all alerts as of 1/3/24.
12.52.1 Release - January 9th
Bug:
Action Required tab was incorrectly showing duplicate statuses with different Triggered Dates for the same Third Party, this has been resolved and should no longer show duplicate statuses.
Comments
0 comments
Please sign in to leave a comment.