Ciso Logo
Ciso Logo

Release 3.15.0

Published: December 7, 2021Last updated: March 25, 2024

  • Aggregated reports
    • New reporting feature that allows users to combine several SoA fulfillment reports or internal control plans into one aggregated report.
  • Internal controls
    • In addition to the yearly planned events from internal control plans, it is now also possible to create separate one-time events that are not part of any Plan.
  • Risk management
    • Introduction of risk categories which can used to categorize risks and build threat and vulnerability catalogues based on categories.
    • It’s now possible to close a risk to reflect the possibility that the risk cannot occur under current circumstances. It is also possible to re-open the risk if circumstances change.
    • Risk mitigation activities are now shown in a new tab on the welcome page.
    • Suggested risks (from a combination of vulnerabilities and threats) belonging to specific catalogues can now be viewed and used as starting points for risk identification.
  • Various updates
    • It is now possible to remove inherited responsible persons from processes.
    • When clicking on a SoA-control in an Internal Control, the actual control text is shown immediately.
    • Risks and risk mitigations can now be tagged.
    • Referenced controls can now optionally be shown as a table column in a SoA.
    • Security control text can now optionally be shown as a table column in a SoA.
    • When associating vulnerabilities and threat, parent catalogues are now shown in the dropdown.
    • Creation date can now optionally be shown as a table column in risk tables.
  • Bugfixes
    • Fixed a bug that occurred when trying to filter risk mitigation tables by risk id.
    • Fixed a bug where a selected value was not always bolded in select dropdowns.
    • Fixed a bug where generated Internal Control Events were not always properly shown as planned or overdue.
    • Fixed a language-related problem with filtering in some tables showing security controls.
    • Fixed a problem that could occur when editing an identified risk which did not have an associated asset.
    • Risk mitigations are now correctly sorted according to deadline date.
    • Readded missing sortable headers in SoA report.
    • Removed the option to connect vulnerabilities and threats without risk permission.
    • Fixed a bug where non-admins were not allowed to connect vulnerabilities and threats.