The third quarter of the year bears the fruits of our summer labour. And these fruits are as sweet as fruits go! Over the summer we added several new pages and reworked the menu, the inbox, and the dashboard. So, basically everything. We hope you like these updates as much as we enjoyed creating them. Happy reading!

Tracking activities and control status

Over the summer we took a good look at tracking of activities and controls, and we’ve been forming and implementing our new vision since:

• The controls page is the go-to place for an overview of all controls. To underline this we moved the control status from the dashboard to this page.
• The dashboard is used to track open activities to completion. New visuals help locate where bottlenecks are and/or urgent action is needed.
• Many users find it helpful to track the status of activities relating to a specific control or asset. So, we added the status of executions to the ‘assessments’ tab and renamed it to ‘activities’, along with some other nifty enhancements.
• Finally, we added the Activities page where you can find and track ALL activities. This will be the new control panel for activities. As a preview of things to come we already added the ability to assign users to multiple activities at once.

Framework references

Map controls to industry frameworks!. This first version already includes a whopping 8 frameworks: ISO27001:2022, SOC 2, CIS CSC, NIST CSF, NIST SP800-53, GDPR, RVIT and EBA ICT guidelines. And there’s more: Every industry framework reference includes as much detail as we could find, such as detailed requirements, test instructions, and industry control labels. And every control can have as many references as you like.

Risk management V2 (Beta)

New functionality in the Risks department: Assess risks directly from Tidal! There’s a new kid in town called the ‘rating tab’, and it’s where all the cool risks go to get themselves assessed. Show how you manage risks by assessing the inherent risk level, choosing a risk treatment, and determining your residual risk. The results of your risk assessment are shown on the risks overview page. In the next months we’ll be adding more functionality to Risk management, such as the ability to create action plans.

Automations

The Kandji automation has been updated to reflect user feedback. In our next update we’ll provide more information on our automation roadmap, which includes Microsoft Azure and Github among others.

Issue management V1 (Alpha)

A final update we managed to sneak into this quarter is the alpha release of Issues management. Issues can now be created manually and tracked via the Activities page. But this is only the start. It will be possible for testers to create new issues found during testing, for auditors to track their findings, and for security staff to log and respond to identified security incidents. All of these types will work like action plans with a list of tasks to complete, assignees, and a due date. Stay tuned!

- Written by Dennis van de Wiel, Founder