Risk & Compliance Reporting
Compliance Dashboard
The new Compliance Dashboard allows executives, information security officers, and security and compliance teams to easily monitor, track, and review compliance and remediation statuses and scorecards within a relevant program, all in one place. Charts include average, lowest, and trending compliance scores, the number of open assessments and mitigations, and more.
Dashboard filters are saved for the currently logged in user, so they don't need to be applied each time the dashboard is accessed. Filters include Program, Criticality, and Hierarchy Levels 1 through 3. The Compliance Dashboard is highly flexible and can be used to report on business units at various levels, including an entire organization, a division, and a department.
Risk-Related Enhancements to Assessments Domain
Recent enhancements to the Assessments domain now makes it possible to create a number of new risk-related reports using new fields, including Risk Score, Compliance Score, Overall Impact, Overall Likelihood and more.
Remediation-Related Features
Batch Workflow Transition
The new Batch Workflow Transition action allows users to move up to 50 objects to another workflow stage in bulk, making it quick and easy to transition tickets, findings, exceptions, or incidents that are in the same stage through a single action.
Batch Edit Tickets
Users can now edit the modifiable fields of up to 50 tickets at once with the Batch Edit Tickets action.
Hide Action & Comment Required Workflow Options
With the new Hide Action and Comment Required options, actions can be hidden in the Workflow section of an object (when a transition is automated and doesn't require any action from end-users) and comments can be marked as either mandatory or optional.
Additional Threat & Exploit Data Fields
Exploit Date Fields
Exploits now show the dates the exploit was added and last updated via the new Date Added and Last Updated Date fields.
Threat Intelligence Fields
The General tab in a Threat object page has three additional read-only fields from the FireEye connector: Risk Rating, Exploit Rating, and Exploitation inTheWild, all three of which provide important information about the risk of a vulnerability.
Enterprise Risk Manager Usability Enhancements
Program Name
The grid on the Risk Register page has a new Program column that displays the program name. Additionally, clicking on a risk will open the Risk Details page in a new tab in your browser, where the program and assessment name are also displayed.
Additional Fields on the Risk Details Page
To provide greater context when looking at the Risk Details page, we have added fields for both program name and assessment name.
Minor Version Upgrade Installer
This new installer allows users to perform minor upgrades of the the third-party software needed to run the latest version of RiskVision, preventing the need to download and install updates individually.