Page Comparison

Isora v1.1.2

What's New

Added Vertical Score to Categorical Overview: Introduced the vertical score in the Categorical Overview of assessment reports, showcasing how the target performed relative to the Assessment Mean in each category. Category scores are calculated by averaging the question scores within each category.
- API endpoint: api/report/<uuid>
CSV Uploader for Vendors and Vendor Products: Implemented the capability to upload Vendors and Vendor Products using a CSV uploader in the Inventory/Third Parties tab.
- Import API endpoints: api/vendors/csv and api/vendorproducts/csv
- Template API endpoints: api/vendors/csv/template and api/vendorproducts/csv/template
Third-Party Report Header in PDF Exports: Added the Third Party Report header and deployment details to the PDF export for completed assessments.
Read-Only Comment History: Enabled read-only comment history in report responses.

Bug Fixes & Improvements

Third-Parties Inventory Download: Fixed a bug when downloading the Third-Parties Inventory that was missing the Vendor URL field. Downloads of Third-Party Inventory are now seamless.
Third-Party Vendors Search Bar: Further optimized the search functionality within the Third Party Vendors section.
Vendor Score Calculation: Fixed a bug that affected the calculation of the vendor score average by product latest score. The average is now correctly calculated based on the most recent score.

API Updates

Enhanced Reporting Capabilities:

api/reports/all?assessment_id=<assessment_uuid>
- Enabled the ability to pass the Assessment ID to the reports/all endpoint.

api/reports/<report_uuid>

Code Block
"vertical": { "current": [ { "name": "01. Documentation", "parent": "parent_uuid", "mean": 100.0 },

Bug Fixes & Improvements

Survey Comment Threads

You now have the ability to add/edit comments, search comments and replies, and delete a comment or comment thread.
Access the comment functionality through the chatbox icon next to a survey question or at the top right of the survey page to search comments.
Filter comments to show only your own by clicking “Your Threads.”
API Endpoint: api/commentthreads

Ability to Disable the Settings Tab for Non-Admins

Admins can now hide the “Settings” tab in the navbar for non-admin users. Non-admin users will only see their own Profile in the Settings tab.
Contact the support desk to enable this setting.

Default the Third-Parties Tab to Display Only My Deployments

Vendor Report Public Option Default

If set to True (default setting), users can view reports only within their organization.
If set to False, users can view reports across any organization.
Contact the support desk to change this to False.

Vendor Report Public Option Disabled

Updated Permissions for the Vendor Requester Role

Users with the Vendor Requester role can now create and delete Third-Party Vendor Deployments and Third-Party Assessments for their organizational unit.

Third-Party Searchbar

Enhancements and bug fixes have been made to the Third-Party search bar for more seamless vendor and product searches.

Assign a User to a Risk Register Entry

You can now assign a user to a Risk Register entry. This field can be hidden if not needed.
API Endpoint: /api/riskscores

API Updates

api/vendorproducts/csv/template
- Enhanced the CSV files by adding the “vendor_url” field to the vendor product CSV template.
- New vendor names inserted into the CSV that do not exist will be automatically created.
api/commentthreads
- Added functionality to add comments, search comments and replies, and delete a comment or comment thread.
api/reports
- Added a summary of NIST CSF Policy Scores for a NIST CSF survey report. Example snippet for the “Detect” policy:

May 10, 2024

Bug Fixes & Improvements:

...