Versions Compared

Old Version 44

changes.mady.by.user Theresa Trevino

Saved on

compared with

New Version 46

changes.mady.by.user Theresa Trevino

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Isora v1.1.1

Bug Fixes & Improvements

Survey Comment Threads 

  • You now have the ability to add/edit comments, search comments and replies, and delete a comment or comment thread. 

  • Access the comment functionality through the chatbox icon next to a survey question or at the top right of the survey page to search comments. 

  • Filter comments to show only your own by clicking “Your Threads.” 

  • API Endpoint: api/commentthreads 

Ability to Disable the Settings Tab for Non-Admins 

  • Admins can now hide the “Settings” tab in the navbar for non-admin users. Non-admin users will only see their own Profile in the Settings tab. 

  • Contact the support desk to enable this setting. 

Default the Third-Parties Tab to Display Only My Deployments 

  • This feature queries vendors with my_deployments=True. 

  • Contact the support desk to enable this feature. 

Vendor Report Public Option Default 

  • If set to True (default setting), users can view reports only within their organization. 

  • If set to False, users can view reports across any organization. 

  • Contact the support desk to change this to False. 

Vendor Report Public Option Disabled 

  • If set to True, the vendor report public option is shown and disabled. 

  • If set to False (default setting), the option is shown and enabled. 

  • Contact the support desk to change this to True. 

Updated Permissions for the Vendor Requester Role 

  • Users with the Vendor Requester role can now create and delete Third-Party Vendor Deployments and Third-Party Assessments for their organizational unit. 

Third-Party Searchbar

  • Enhancements and bug fixes have been made to the Third-Party search bar for more seamless vendor and product searches. 

Assign a User to a Risk Register Entry 

  • You can now assign a user to a Risk Register entry. This field can be hidden if not needed. 

  • API Endpoint: /api/riskscores 

API Updates 

  • api/vendorproducts/csv/template 

    • Enhanced the CSV files by adding the “vendor_url” field to the vendor product CSV template. 

    • New vendor names inserted into the CSV that do not exist will be automatically created. 

  • api/commentthreads 

    • Added functionality to add comments, search comments and replies, and delete a comment or comment thread. 

  • api/reports 

    • Added a summary of NIST CSF Policy Scores for a NIST CSF survey report. Example snippet for the “Detect” policy:

Isora v1.1

May 10, 2024

Bug Fixes & Improvements:

  1. NEW Third-Parties Enhancements are now launched in the New UI:

    1. NEW and improved Third-Parties View

      1. Nested Table: Manage third-party vendors, their products, and associated deployments within their organization. 

    2. Search Functionality: 

      1. Search by Vendor and Product name in the search bar. 

    3. "Mine" Filter 

      1. Description: View deployments that are deployed by your org unit, owned by your org unit, or where you are listed as the owning user. 

      2. Access: See the profile icon on the top right. 

      3. API Endpoint: api/orgs/all?mine=true 

    4. Assessments Sidebar

      1. Function: View all assessments related to the Vendor Product within a dedicated tab. 

    5. Vendor Details Sidebar: 

      1. Create and Delete Vendor 

        1. Create Vendor: Added a “Create Vendor” button. 

        2. Delete Vendor: Enabled the ability to delete a Vendor. 

    6. Product Details Sidebar:

      1. Create and Delete: Enabled the ability to create and delete a Vendor Product in the sidebar. 

      2. API Endpoint: api/documentation endpoint enabled in the Vendor Product sidebar. 

    7. Deployment Details Enhancements

      1. Deployment Details sidebar

        1. Function: Displays editable fields from the api/vendorproductdeployments endpoint. 

        2. Can now delete a Deployment.

        3. Can view the Contacts tab.

        4. Column Management: Enabled the ability to show/hide columns.

    8. Vendor Product and Deployment Table View 

      1. Overview: Provides an overall view of important details about the Vendor Product/Deployment in a table format.

      2. Add Deployment: Enabled the ability to add a new Deployment in the Vendor Product sidebar. 

  2. Risk Register CSV upload.

    1. There was a bug with the Risk Register CSV upload, but it now correctly creates a new risk register entry with the existing Risk Category and Risk (from Settings). 

  3. We added support for Hidden Attributes in the Risk Register settings:

    1. Hidden Attributes options you can choose to keep hidden:

      1. 'Inherent_impact',

      2. 'Inherent_likelihood',

      3. 'Inherent_score',

      4. 'Target_impact',

      5. 'Target_likelihood',

      6. 'Target_score',

      7. 'Target_mitigation_control',

      8. 'Notes'

  4. We enabled the ability to edit these Risk Register field labels:

    1. Inherent Impact

    2. Inherent Likelihood 

    3. Current Impact 

    4. Current Likelihood 

    5. Target Impact 

    6. Target Likelihood 

    7. Notes 

    8. Target Mitigation Control 

    9. Current Mitigation Control

...