RELEASE NOTES

Version 2022.05 (Not Yet in Production)

  • NEW: Multiple vendor product deployments can now be added to an Organization's product inventory (previously, OUs could only add one deployment per vendor product). A given owner org unit can now add three deployments to their vendor product inventory representing test, development, and production environments.

  • FIX: Improved error message when trying to save a duplicate vendor product deployment to an org.

Version 2022.04

  • NEW: Advanced Vendor Dashboard: Gives users the ability to filter on various question attributes, compare category averages between the vendor and the vertical average, and understand high vs low risk vendor answers.

  • NEW: Added questions complete count in vendor and app survey listing in Assessments > Open tab.

  • FIX: Staleness indicator on vendor survey listing in Assessments > Completed tab.

  • FIX: Disable report dashboard dropdown when there's only one report dashboard.

  • FIX: Updates Basic Vendor Report > Answers tab to display consistently between browsers. Firefox and Chrome previously displayed differently.

Version 2022.03

  • NEW: Automated documentation now available for API endpoints: https://myisoraurl/api/schema/redoc/. Users must be authenticated into Isora to have the ability to read the api documentation.

Version 2022.02

  • NEW: Users can choose from additional options to increase the number of Hosts displayed per page when viewing a Sheet.

  • NEW: The filter popover menu has been redesigned on the Sheet view page.

  • NEW: Users and Vendor Requestors can now create and view exception requests for hosts on which they've been added as a delegate.

  • FIX: Users can now download attached files in completed assessments as expected.

Version 2022.01

  • NEW: New vendor assessment surveys now default to allow report to be viewed by others. This allows users who may be interested in a specific vendor to assess the vendor using the existing report.

  • FIX: Deleting vendor surveys from the Assessments page now works as expected.

Version 2021.12

  • NEW: As part of a settings config update, users can now view the Isora version in the bottom right-hand version on the Settings panel.

  • NEW: Org Unit Assessment survey types can now be deleted through the API by system admins. This functionality is in addition to existing delete capability by various roles for vendor and application assessments. 

  • NEW: CMMC Dashboard updates - Adding question criticality filter to Detailed Control Breakdown filters (to be able to search by most critical controls). Added Unit to front of report header.

  • NEW: Added column to QuestionLists page to show target types

  • FIX: fixed capitalization issues

  • FIX: replaced Type with Series

  • FIX: fixed output display of question list target type

  • FIX: Tooltip improvements

Version 2021.11

  • NEW: Users can bulk apply a Classification value to multiple hosts on a sheet using the Bulk Action drop-down selection menu. If the user selects the “Confidential” data classification from the pop-up window, then they will also be presented with the option to select data category values to bulk apply to the hosts.

  • NEW: When choosing to import previous answers at survey launch, all available previous answers will be imported regardless of any changes made to the underlying questions since the last survey took place. This assumes that most questions get edited to update language, correct errors, or adjust answer requirements, but leaves the intent of a question the same. If an imported answer fails to meet the updated intent or requirements of a question, the user will need to take action to meet those requirements.

  • NEW: Added ability for user to switch between the Comparative (default) and DFARS & CMMC (New) dashboards. The dashboard searches specific tag frameworks (NIST 800-171, CMMC Level, SPRS) to show a complete dashboard with SPRS Assessment Score, and a breakdown of NIST 800-171, CMMC Levels 1, 2, and 3. In the detailed control breakdown, users are able to search/filter questions, answers, categories and statuses.

  • NEW: Acknowledging a survey brings policies into the report data endpoint.

  • NEW: Isora Admins can now create asset statuses via the API and apply one or more to a vendor product via the UI. New status endpoint /api/assetstatuses.

  • NEW: Admins can now specify which notifications they want to send to users.

  • NEW: Users can bulk delete multiple hosts from a sheet using the Bulk Action drop-down selection menu.

  • NEW: Users can bulk apply a System Type value to multiple hosts on a sheet using the Bulk Action drop-down selection menu.

  • NEW: Users can bulk apply a Priority value to multiple hosts on a sheet using the Bulk Action drop-down selection menu.

  • NEW: Users will now see more-helpful context messages in confirmation dialogs when deleting certain assets from Isora GRC.

  • NEW: When disabling former users, disabled users will also be removed from all App and Vendor Product Deployment-related listings.

  • FIX: When canceling a bulk action, the bulk action dropdown menu will be disabled and greyed out.

  • FIX: Searching for hosts now works as expected.

  • FIX: Editing vendor products now works as expected (admin role only).

Version 2021.10

  • NEW: Expanded vendor inventory management capabilities – allowing units to create and manage local metadata for their respective vendors.

  • NEW: UI will now check for an answer and explanation before prompting the user to attach a file on an assessment question.

  • NEW: Users can now see additional metadata about duplicate hosts (e.g., by MAC, by IP, by sheet).

  • NEW: Users will no longer see Technical Contact and Delegate links on Open Unit and Application Assessments when the count of Technical Contacts and Delegates equal zero.

  • FIX: Corrected a problem where org unit question responses weren't correctly downloading as a CSV.

  • FIX: Corrected an issue where a report wouldn't appear on the reports page once an assessment was completed unless a hard browser refresh was triggered.

  • FIX: Users will now receive an improved error message when creating a new assessment.

  • FIX: api/metadata endpoint will now return data. Fixes bug after vendor/assessment merge.

  • FIX: The Vendor Product Description field has been expanded so users no longer need to scroll when viewing longer descriptions.

  • FIX: The App Description field has been expanded so users no longer need to scroll when viewing longer descriptions.

  • FIX: The Settings > Question Configuration > Question List treeview listing indents child questions appropriately.

  • FIX: Report csv downloads will now show question ID, which will allow users to find the text of the parent question.

  • FIX: Issue with a spinning hourglass when selecting the tree view in the Question Configuration section has been resolved and selecting the tree view now works as expected.

Version 2021.09

  • NEW: Users can now attach documentation to surveys with file names of up to 250 characters.

  • NEW: Users can now add a description to sheets.

  • NEW: New sheets that have never been edited now say “never edited” instead of showing the created date.

  • NEW: Users can now filter hosts by “seen_after” in API.

  • NEW: Improved save workflow on the Notifications page and added clearer success messaging.

  • NEW: Updated capitalization on delegates listing and host categorization page to be consistent with other UI style elements.

  • FIX: Moving hosts in bulk from one inventory sheet to a new inventory sheet, now works when choosing from the sheet suggestion list.

Version 2021.08

  • NEW: Super users can now enable API access when creating a new user as expected.

  • FIX: Assessments page will now refresh open assessments when a new vendor assessment is added.

  • FIX: Uploading and downloading documentation on external vendor survey links now works as expected.

  • FIX: Links to download attachments on answers in reports now works as expected. The issue was incomplete data available to the page when rendering to get to the proper download destination. Test coverage now includes checking for this necessary information.

  • FIX: Notifications now send to assessment managers and superusers on vendor/app survey final acknowledgement.

  • FIX: Sheet CSV exports now properly export the “category” field now as a nested CSV.

  • FIX: Allow org unit type assessment creation to progress beyond the first dialog page.

Version 2021.07

  • FIX: Shared Vendor Surveys now have a unique UUID for each organization that is able to view the survey.

  • FIX: Some host sheet downloads were failing due to Django update; issue has been fixed so that all host sheets download as expected.

  • FIX: Csvs upload as expected.

Version 2021.06

  • NEW: Settings UI updates.

  • NEW: Allow "enter" to activate the As-User form.

  • NEW: Allow As-User form to search users by name.

  • NEW: Allow moving hosts from one sheet to another.

  • NEW: As part of Location serialization, include number of assets in that location.

  • FIX: Updates to various builtin help texts.

  • FIX: Highlighting duplicated hosts in a more obvious way.

  • FIX: Prevent host info popup from appearing if user has selected text.

  • FIX: Return a more specific error (rather than 500) on user creation attempt when missing attributes.

  • FIX: Handle deletes of Locations more gracefully.

  • FIX: Allow searching of sheets to filter only sheet metadata (rather than linked assets as well).

  • FIX: Update dependencies, including to Django 3.2.

  • FIX: Bug wherein a user sheet owner might not see hosts in the express view.