Skip to main content

2025 Q2 Release Notes

Emily Makroy
Updated

Releases that occurred throughout the Second Quarter of 2025.

 

June 2025

June 18 Release

What's New

  • Additional Registered Users on the Share/Request Forms – Expanded the number of registered users displayed on the form to up to 5 users. The user requesting/sharing data will still choose which users to select and can add additional recipients.
    • Request Form – Up to 5 registered users, if available, with the account administrator or data request authorizer role
    • Share Form – Up to 5 registered users, if available, with the account administrator or third party portfolio manager role.
  • Third Party Portfolio Relationships Download
    • Filtering in Excel enabled by default
    • Freeze top row enabled by default
    • Added vertical lines to visually separate Access in Portfolio and Available in Exchange columns

  Resolved Issues

  • Migrated Comments Missing Time Stamp - When a third party with a pre-existing legacy questionnaire migrates their data to the new questionnaire, the original timestamp on any pre-existing comments was not persisting but instead was getting replaced with a timestamp of the time of migration. This bug fix ensures the original time stamp of any legacy comments is preserved and presented to third parties, customers and assessors.

June 11 Release

What's New

  • Quick Filters on Third Party Portfolio and Customer Portfolio – Enhanced the filtering user experience in the portfolios to enable users to quickly filter for the most common use cases. The chips at the top of the portfolio are now ‘quick filters’. Select one or more chips to easily filter the portfolio. Users can still manually add filters or add additional filter criteria.
    • Requests/Shares tab – Ex: To easily see all outstanding requests, select ‘Outstanding’ and ‘Requests’
      • Outstanding – Requests and shares in a Pending or Approved status (still require authorization or actions on the request to be completed)
      • Completed – Requests and shares in a Delivered or Archived status (the customer currently has access to the data for these requests/shares)
      • Requests – Request types (assessment request, validation request, document request). This new chip was introduced with this change.
      • Shares – Share types (assessment share, validation share, document share). This new chip was introduced with this change.
      • No Request or Share – Active relationships in the portfolio without an open request or share
    • Relationships tab – On Third Party Portfolio only
      • Active – All Active Third Parties
      • Archived – All Archived Third Parties

 Resolved Issues

  • Risk Profile Report Download Failing – Fixed an issue where the Risk Profile PDF and Spreadsheet Downloads silently failed for company names with special characters, due to the company name included as part of the file name. File names have limited support for special characters.
    • Replaced characters the file name cannot handle with #
  • Add a New Company – Adjustments made to logic when a new company is added to find a matching company more consistently or create the new company if no match is found.

June 4 Release

What's New

  • Third Party Portfolio Relationships Download
    • Ability to download all active relationships in the Third Party Portfolio and the following information:
      • Relationship tab Information currently visible in the Portal UI, as well as Company ID and Relationship Start date
      • Inherent Risk Information, including whether it is Automated or Confirmed
      • Access in Portfolio Information, indicating if the customer has access to any Attested or Validated data currently
      • Available in Exchange Information, indicating if the third party has any Attested or Validated data on the Exchange
    • Please note the download file may take several minutes to generate

  • Email Updates

    • All request/share emails and claim email have been updated to:
      • Send a single email with an individual in the ‘To:’ (registered user if available) and additional recipients in the ‘Cc:’. This enables all recipients to see other recipients that received the email. Prior to the update, individual emails were sent to each recipient.
    • Pending request/shares email includes information in the email content for up to 5 account administrators (if available) at the company. This provides email recipients, who are not registered users, the administrator’s information so they can follow up to request system access. Note: the administrators only receive the email if they are selected as a recipient by the initiator.

 

May 2025

May 28 Release

What's New

  • Pending Approvals on Questionnaire Dashboard - Update to the pending approvals banner to provide the ability for a third party to view all pending requests and approve directly from the Questionnaire Dashboard.

  • Ability to approve/deny multiple requests for a company - When clicking approve/deny on a request where other requests exist for the same company, the user will now be presented with a dialog that allows them to approve/deny all requests simultaneously.

    • This functionality is available across the Questionnaire Dashboard, Customer Portfolio, and Third Party Portfolio.

  • Claim Company - First name and last name of user is now required as part of new company registration

Resolved Issues

  • Firmagraphics – Addressed issue where companies were unable to update their address
  • System timeout – Addressed issue where user did not consistently receive timeout warning and user was not auto logged out when timeout limit reached.

May 21 Release

 What's New

  • Questionnaire Dashboard - Questionnaire Navigation Risk Domain Consolidation
    • The Risk Domains that companies see when using the Questionnaire Navigation will now align with the Risk Domains (Framework Groups) customers see when selecting the “ProcessUnity Cyber Risk Questionnaire” framework in the Risk Navigator
  • Questionnaire Dashboard – Minor text updates for clarity and styling updates for consistency
    • Renamed ‘Requests and Shares’ to ‘Outstanding Requests and Shares’
    • Added ‘Questions Review’ label to questions table
  • Third Party Portfolio Relationships tab – Removed ‘Delivered Requests’ and ‘Have Requested’ chips from the Third Party Portfolio Relationships tab. Please use ‘Requests/Shares’ tab for request specific information.

 Resolved Issues

  • API V2 - View the companies in your third party portfolio/View a company in your third party portfolio - Addressed issue where, in a specific scenario, data available in exchange was not providing validation as ‘true’ and populating validation attestation date when validation was available on the Exchange. This addressed a scenario that was not covered in the update in the April 2 release.

May 14 Release

What's New

  • Alert to TPs Initiating Validation w/o Uploaded Evidence - A new modal will now appear when a TP attempts to submit their questionnaire and selects "ready for validation" without (a) uploading any documents or (b) uploading new documents. This modal is intended to:
    • help alert TPs of this necessary step
    • reduce the number of false positives around "ready for validation
    • provide TPs a way to indicate they want to review evidence without uploading documents

Resolved Issues

  • Questionnaire Dashboard Filtering - Resolved an issue where the Question/Answer Review table on the Questionnaire Dashboard page did not return correct results when filters were applied.

May 7 Release

What's New

  • Read Only Role - Read Only Role has been enabled in the Exchange portal. This will be the default role assigned to new SSO users. Additionally, users assigned to this role will be able to login to their company's profile but will not be allowed to:
    • Request/Share Data
    • Authorize Data
    • Edit/Delete Data
  • Improved Platform Emails - Emails sent directly from the Exchange platform to Third-Parties (i.e. claim company, new assessment request, etc) have been refined to improve the user experience by including clearer instructions around next steps and calls to action. This should help facilitate faster and more successful Third Party engagement at critical points in value delivery to their customers.

Resolved Issues

  • Missing Validation Comments - Reports of legacy comments not migrating over to Live Assessment instances have been resolved. Third Parties and Assessor Ops teams should now be able to view/edit/delete all previously provided comments.
  • Third Party Manager Role Accessing Customer Portfolio - Users with the Third Party Manager role will still be able to access and view the Customer Portfolio, but will no longer be able to approve/deny or revoke access requests on the Customer Portfolio. Only users with Account Admin, Customer Portfolio Manager, and/or Data Request Authorizer roles will be able to edit data access requests on the Customer Portfolio. 
  • Terms of Use Not Loading - Resolved an issue in which the TOUs were not loading on the login page for users who already accepted. 

April 2025

April 16 Release

What's New

  • Monitoring Tab Language Clarification - Minor label updates on the Company Profile -> Monitoring tab to clarify the type of data displayed.
    • Perimeter Scanning, Powered By: Risk Recon
    • Threat Intelligence, Powered By: Recorded Future
  • Count of Authorized Attested Metrics - Updated the count logic for the numerator of authorized and attested metric questions on the Risk Profile PDF Report to better align with metric question counts on the Company Search and Request Form. Previously only metric questions that were explicitly answered were counted (required the parent control to be answered "Yes"). Now controls that are answered "No" or "NA" also have their child metrics counted. 
    • This change is also coming next release to the Risk Profile Spreadsheet Report and the get /v2/portfolio/third-parties/{company_id}/risk-profile "cyber_metrics_attested" field

Resolved Issues

  • Pending and Approved Validation Request Details (Drawer) – Addressed issues where the validation request steps were not correctly displaying the progress of validations. This is an additional update to the April 2 release for a specific scenario.

April 9 Release

What's New

  • Company Search – Company search logic has been updated and significantly improves the ability to find an existing company on the Exchange. This logic is implemented in both the user interface and via the API. Changes include:
    • Company name - When searching for a company by name, full word text searching is utilized to identify matches on whole words within the company name. Previously, the full name of the company had to be entered to identify matches.
    • Company domain – Entering a company domain will continue to return the best results
    • Similar companies – If similar companies are found in searching by name or domain, the company with an attested assessment will appear higher in the list than a company without an attested assessment.
  • Risk Navigator Quick Views - Created clickable views at the top of the risk navigator table to assist users quickly get to the data in their desired context. Upon click of a view, the table updates columns shown, sort order, and filters. Users can still update the view manually. Also added Question Prompt to the table (was previously only available in the View More drawer) and make the default table size 50.
    • Cyber Controls: Deep dive into the Cyber Controls and discover impactful findings
    • Validation: Review the Validation outcomes to uncover discrepancies
    • Frameworks: Explore risk through preferred framework mappings

Resolved Issues

  • Delivered Requests – Updated requests to the correct status of ‘Delivered’ rather than ‘Approved, for a small percentage of requests where all the steps were completed.

April 2 Release

What's New

  • Improvements to Questionnaire Dashboard “Submit for Validation” User Interface
    • The ‘Ready for Validation’ checkbox is unchecked by default. The user must manually check this field to initiate validation.
    • Upon submitting with the checkbox unselected, the user sees a confirmation dialog warning that a validation request exists - “Did you mean to submit for validation…”  and are then required to select ‘Submit Without Validation'.

 Resolved Issues

  • Pending and Approved Validation Request Details (Drawer) and Advanced Reporting – Third Party Portfolio Request/Share Details - Addressed issues where, in certain scenarios, the validation request steps were not correctly displaying the progress of validations.
    • Example: the step details were reflecting data from the prior year when the last validation date (assessor attestation) was greater than 1 year and the data recency requirement was ‘Up to 12 months’.  This now correctly displays the correct step in the validation process. For example, the third party may need to ‘Submit for Validation’.
  • API V2 - View the companies in your third party portfolio/View a company in your third party portfolio - Addressed issue where, in certain scenarios, data available in exchange was not providing validation as ‘true’ and populating validation attestation date when validation was available on the Exchange.
  • Company Search – Addressed issue where last validation date was not displayed on company card for all companies with validation
  • Request/Share Approval – Addressed error that occurred, in certain scenarios, on request or share approval

 

Was this article helpful?

0 out of 0 found this helpful
Return to top

Related articles