Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
maxLevel2


 Most Important Improvements

  • Reworked global user access roles: Reader is now true read-only; Creator became Contributor.

  • New assessment card: Visible control details and separate tabs to evaluate the Design and Operating Effectiveness.

  • Real-time email notifications: You can now receive immediate email notifications if someone left a comment on a request, task or assessment.

  • API integration:The first version of A beta version of our secure API integration is now available for testing.


 What’s New in v3.2

People Dashboard and Updated Global User Roles

True Read-Only Reader

We improved and clarified the capabilities for the global Reader role. True to the name, these users can read everything and can comment on items that display a Comments tab. However, they cannot be assigned to fields where actionable activities occur. If there are already users in a Reader role assigned to an object, they will remain in that field with all additional permissions prior to this rollout.

Creator Renamed to Contributor

Another role, Creator, was renamed to Contributor. This better describes the abilities granted and falls more in line with industry standards. The users in this role are usually asked to submit, verify or review evidence. They typically have full read and write permissions, but only for information to which they are assigned. This is a role suited for any outside personnel, such as external auditors, who don't need to view other types of activity in ZenGRC, such as your organization's vendors or risk management.


For additional information on permissions, please see Role-Based Permissions.

For instructions on using the People module, please see People / Roles.

New People Dashboard

The People dashboard now features a list view similar to other modules, which can be sorted and filtered. Column headings can be added or removed to customize information according to your needs. The page is also broken into tabs for the different available roles.


New Assessment Card

This release features additional design changes for assessments. The new view displays all necessary details directly on the card. The assessed control's information is always visible, with other pertinent information just a few clicks away.

Image Modified

Design and Operating Effectiveness tabs

Only one control can be mapped to an assessment. But since controls may be mapped to objectives from multiple programs, ZenGRC now provides a Design tab. This area shows all objectives to which the control is mapped and allows a comparison of the control description against regulatory requirements.

A control may also have several requests mapped to them, which could come from multiple audits. The Operational Effectiveness tab displays these requests, making it easy to review what was requested and whether the evidence provided is satisfactory.

Issue Creation Made Easy

If either the design or the operation of the control is insufficiently executed, or the submitted evidence is unsatisfactory, the assessor can create an issue directly on the assessment page.


Real-Time Email Notifications

In response to customer demand, comments on tasks, requests, and assessments are assessments may now be sent instantly to  to users playing a role on the object. This allows you to immediately view and respond to the comment, which keeps the momentum moving on audits or other projects. 

The option to enable instant comment notifications can be toggled on and off, so only organizations wanting that change need activate it.

Image Modified


API integration

To further integrate ZenGRC with your eco-system, we are developing a new API integration for ZenGRC cloud customers. Due to its complexity, we will gradually develop and release our API it over the next versions. In the current release, the API is limited to read-only for audit-related object types and for vendors. For further technical information of our API, please visit our developer portal: https://api-preview-v2.reciprocitylabs.com/If you're interested in beta testing, please contact us at support@reciprocitylabs.com or through the Support link in the bottom left corner of ZenGRC.



Microsoft OneDrive Integration 

Our enterprise Enterprise customers can now use Microsoft OneDrive as a storage integration option. This option is set on the Storage page and allows your organization to use OneDrive for all information gathered during evidence collection and other ZenGRC activities that require attachments.


Save Favorite Views

The new Favorites module addresses the pain of having to set up personal views with every visit to a page. Similar to browser bookmarks, favorites saving Favorites allow customized views to be saved for later selection. Once a favorite view is created, the Favorites link displays in the left-hand navigation with the new link only shown to the person who created it.


List View Improvements

The list view, which displays on all module home pages, has an option to display "Date created" and "Date modified" columns. These are view-only columns, meaning they can't be edited, but they can be sorted and filtered, just like other columns in the list view. These dates are calculated in UTC and also display a time stamp.

Another addition to the list view includes colored icons for the item statuses. Although the statuses have different names depending on the object type, the color coding allows a quick view of which items are in a finalized status, which is green, or a state that shows the item needs work, which is yellow.


Custom Attribute Additions

This release features a much-anticipated addition to custom attributes. Now, there is an attribute that provides a true multiple-choice selection. If there's a need to gather one or more responses to a question, the "Multi choice" option allows you to do so.

Other additions to custom attributes include "Integer" and "Decimal" options. Both fields only accept numerical values, but the "Decimal" attribute allows for a decimal point in the number, while the "Integer" does not.

Image Modified


IP Whitelisting

The IP addresses assigned to your instance may change from time to time, which impacts integrations between ZenGRC and other applications. So we're now providing a list of ZenGRC's public IP addresses along with recommendations for configuring your firewalls. For additional information, please see IP Whitelisting.



 List of Bug Fixes

  • Display informative error message when the integration between Google Drive needs additional configuration in order to work with ZenGRC.

  • Task descriptions correctly display bulleted and numbered lists.

  • Customized reply-to header in ZenGRC email now displays the customer's preference instead of "notifiactions@reciprocitylabs.com."

  • Addressed the timeout error shown when objects are bulk edited.

  • No access users cannot be selected in the user drop-down anymore.
  • On the questionnaire builder, it is now more visible which of the questions have missing information before the questionnaire can be saved.
  • Icon alignment on the questionnaire builder is now fixed.
  • Login issues in Internet Explorer browser are now fixed.



Image ModifiedComing in v3.

2

3+

  • New, easy to use audit setup wizard.
  • @-mentions in comments.

  • Enhanced Jira integration for task management.

  • Enhanced recurrence for audit-related objects.

  • Additional API functionality.

  • Editable statuses and stock attributes.

  • Additional real-time notifications for changes to tasks, requests and assessments.



Known Issues

Please see our currently known issue here.