Truyo product release version 6.8.0

Updates:

  1. AI Assessment and Capability (11529):
    • Introduced the AI risk assessment tool, extending the capabilities of the Truyo platform.
    • This tool enables clients to comprehensively evaluate the usage and risk associated with AI within their organization.
    • Unlike conventional assessments, this introduces a scan-and-verify assessment to our platform.
  2. Extended Visibility for Open Vendors (11655):
    • Open vendors can now access task information for up to 30 days after a request has been closed.
  3. Improved Error Message Handling (11496):
    • Enhanced error message handling to display more informative messages in persistent banners.
  4. Additional Details for Fixed Download Request Report (11671):
    • Added extra information to the fixed download request report to provide a more comprehensive overview.
  5. Expanded Request Type Options for Regulations (11697):
    • Included additional request types in the optional section of all regulations, giving you more flexibility in your compliance processes.
  6. Quiklink Failures in Persistent Error Banner (11698):
    • Quiklink failures are now included in the persistent error banner for improved visibility and issue resolution.
  7. Vendor Regulation/Save Workflow Update (11735):
    • Updated the vendor regulation/save workflow, making request processing off by default.
    • Regulation selection is no longer mandatory when saving a vendor.
    • An alert message will prompt users to select supported request types if a regulation has been chosen.
    • This update accommodates the addition of vendors for assessment-only purposes that won’t be handling requests.
  8. Privacy Center Workflow (11735):
    • Implemented an updated workflow within the Privacy Center.
    • This workflow aligns with existing organization settings and features regarding requests supported and cookie consent management.
  9. Quiklink not loading table columns in the UI to configure rules (11740)

    1. Addressed an issue where Quiklink was not loading table columns in the UI for rule configuration.
    2. To improve user experience and accommodate very large data sets that were causing timeout errors, we have revamped the design of the table columns page.
    3. This enhancement ensures a smoother page and data load process, enhancing overall performance and usability.

Security Updates:

  • We continue to proactively implement security measures as part of our comprehensive security plan. To date, there have been no reported security breaches or attacks related to the addressed issues.

Security Patch:

  • No security patches are included in this release.

Infrastructure Updates:

  • There are no infrastructure updates in this release.

Bug Fixes:

  1. Cookie Preference Module Theme Color Fix (11453):
    • The toggle on the cookie preference module now correctly matches the organization’s theme colors.

Hot Fixes:

  • The following issues have been resolved from the 6.7.0 release:
  1. Special Characters for French Translations (11801, 11796):
    • Special characters have been enabled to support accurate translations for French in verification answers and email template subject lines.
  2. Special Characters in Vendor Names (11797):
    • Special accent characters are now accepted in vendor names.
  3. Language-Specific Character Issue (Not Specified):
    • An issue where special accent characters for certain languages were not displaying correctly in name fields has been addressed.
  4. Quiklink Display Issue with Azure AD OpenID Connect SSO (11763):
    • Quiklink now consistently displays when using Azure AD OpenID Connect SSO.
  5. French Translation Rendering Issue for Name Fields (11819):
    • French translations now render correctly in name fields.
  6. Need QPSA Conditional Output Rules to save if rejection reason has special characters (11831)

    1. Allowed accent characters to be used for rejection reasons

Upcoming Features:

  1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
  2. Assessment Improvements:
    • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
    • Framework Assessments for AI with Scanning Capabilities.
    • DOD Scoring for CMMC Assessments.
    • Data Mapping Enhancements.
    • Privacy Risk Register allowing organizations to track and mitigate risk across multiple projects or initiatives.
  3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
  4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
  5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.