This release is focused on improving visibility, transparency, and automation in the platform to accelerate assessment completions. Several enhancements were implemented this week to accomplish that, including:
- View Remediation details. Security Expert notes and recommendations are visible to both clients and vendors.
- Support tickets are now visible on Additional Notes widget of Assessment details page.
- Automated reminders to vendors to complete Assessment and, if necessary, to accept Remediation plan.
Here's an overview of each one:
A new remediation-focused view is now available from the Remediation tab, providing a consolidated overview of risk findings, notes, and expert recommendations – all in one place
- This single view provides easy access to remediation info across all assessments.
- Reminder that notes and recommendations are also available within the Security Executive Summary report.
- Vendors can also access these notes to speed up remediation.
For better internal collaboration, customers wanted more transparency on specific assessments. Now, view support tickets from colleagues via the Additional Notes widget on the Assessment details page.
- This aims to give visibility about the work being done on Assessments, providing a more comprehensive record of activities and progress for all your users and stakeholders.
To expedite vendor assessment completion, we introduced a set of time-based reminder emails. A few weeks back, we launched assessment reminders and are pleased to report that clients are noticing improvements, with vendors completing assessments faster.
- For any assessment that requires remediation, we are adding two sets of reminders. Available now are a series of three reminder emails for vendors to accept a remediation plan.
- These reminders are triggered when the remediation plan is awaiting vendor response. As needed, each reminder will go out five days apart. The final email reminder will trigger the remediation milestone to be escalated in the platform.
- Escalations are visible on the Dashboard and at the assessment level under the Assessment tab.
- The default is set to five day increments, but the cadence for the outreach is configurable.
- Similar to assessment reminders, any remediation reminder emails will automatically appear in the “Additional Notes” widget of a vendor assessment.
- The reminder email will include a link for the Vendor to quickly access the CORL Platform to take action.
- Coming in the next release will be reminders for specific remediation milestones once the plan has been accepted.
Clients will now have the option to accept a security certification (sec cert) from a vendor in lieu of completing an assessment questionnaire. This provides a streamlined process for both clients and vendors.
Our knowledge base is very comprehensive and has some wonderful articles, including these topics. Please browse around.
Each release also includes UI enhancements, updates to our Knowledge base, and performance improvements - speeding up the system processing times.