Release Notes - 2023-AUG-10
Added
Requirement assessments
Requirement assessments are now available to all organizations.
As part of this change, there is now an Assessments module in the left menu. All assessments can be found there, including control assessments, which were previously listed in the Audits module.
Report exports and CSV import capability will be included in a future release.
Work items
Audit requests are full-fledged work items in Hyperproof and available to all organizations. This means they have the same functionality as other work items, such as issues and evaluations. See Release Notes - 2023-JUN-29 for additional details on this feature.
The Known limitation causing the export to XLSX to be missing the ID column in the output XLSX file has been addressed.
A Requests tab in the Work Items area will be included in a future release to make it easier for users to find and view their requests.
Proof
Proof now has a read-only facepile. This allows users to understand who has access to the proof, what type of access they have, and why they have it. A fully functional facepile, where users can be added and removed, will be included in a future release.
Improved
Hypersyncs and integrations
Updated Hypersync: There are two new services listed in the Azure service list with three new proof types each:
SQL Server
Backup Retention Days
Connection Security
Minimum TLS version
Azure Database for MySQL
Backup Retention Days
Connection Security
Minimum TLS version
Updated Hypersync: Microsoft Entra ID (formerly Azure Active Directory). Added support for a new proof type: Password Protection.
Program frameworks
New framework: Bank Secrecy Act Compliance Program (BSA). This framework includes regulations and illustrative controls covering selected regulations from Title 31 Chapter X and Title 12 Chapter I. It includes regulations addressing Customer Identification Program (CIP), Customer Due Diligence (CDD), Anti-money Laundering (AML), Enhanced Due Diligence (EDD), Currency Transaction Reports (CTR), Suspicious Activity Reporting (SAR), and others.
New framework: FFIEC Cybersecurity Assessment Tool (CAT). In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council (FFIEC) developed the Cybersecurity Assessment Tool (Assessment), on behalf of its members, to help institutions identify their risks and determine their cybersecurity maturity. The content of the Assessment is consistent with the principles of the FFIEC Information Technology Examination Handbook (IT Handbook), the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and industry-accepted cybersecurity practices. The Assessment provides institutions with a repeatable and measurable process to inform management of their institution’s risks and cybersecurity preparedness.
New framework: Adobe Common Controls Framework (CCF). This framework helps protect Adobe's infrastructure, applications, and services, as well as helping Adobe comply with several industry-accepted best practices, standards, regulations, and certifications.
Addressed issues
Fixed an issue where certain activities in the Activity Feed caused unexpected errors for affected customers.
Fixed an issue that occurred when changing a custom field from not required to required in an organization with many affected objects.
Fixed an issue with sorting the proof grid where the user interface displayed duplicate proof types.
Fixed an issue with creating an audit from another audit, where assignees were not duplicated in the new audit.
Fixed an issue where repeating tasks created from an individual task did not repeat.
Fixed an issue with the Microsoft Intune Hypersync that caused a 400 Bad Request error.
Fixed an issue where the LiveSync option, folder sync, didn’t work in program requirement proof.