In this release we have focused on improving the auditability of risk maps. We have also released minor changes and fixed a few bugs.
Specifically, we have rolled out the following:
- As promised last year, we have now improved how the historical view of the risk landscape is shown. Since the 1st of January we store all changes to risk assessments in Impero. Building on that, we now have a new tab – “Historical Data” where risk managers have access to the historical view of a given risk map. You can select any date and see how your risk landscape and the single risk assessment looked like at the selected date. This allows you to toggle between the current and past risk map while comparing the two.
- We have introduced an email notification to control contributors when the review cycle of their performed control has ended. The notification is optional, and the reviewer can decide whether to include their comments in the notification to the contributor.
Miscellaneous
The default access right when granting access to a control program list has been changed from “Edit” to “View” in line with what is applicable on the rest of the Impero platform
In order to strengthen the security of the platform we have introduced a shorter time limit to the invitation to register on the platform and to the reset password link. The invitation to register now expires after 30 days and the reset password link after 24 hours.
Bugfixes:
- Fixed a bug where, when exporting controls, the column names were sometimes exported in the wrong language.
- Fixed a bug where the search on the risk map did not work in some edge cases
- Fixed a bug where control results were not shown correctly in reports in case the control had been renamed.
- Fixed a bug where control contributors erroneously were able to access the controls performed by members of their User Group by clicking on ‘View Previous’ control results.