With the latest version of ZenGRC, we continue to deliver enhancements designed to make it even easier to manage your compliance program. New capabilities now available in v2.0 include:
Consolidated Control Updates
We are pleased to introduce a new analytics engine that provides insight into how compliant you are with a new standard in relation to your current control set. This allows ZenGRC to help you answer the question: How compliant am I with “x” standard, given that I am “y”% compliant with “z” standard?
Our library of consolidated objectives directly uses cross-source mappings, vetted by Reciprocity’s team of GRC experts. Our GRC team delivers a continuous cycle of highly relevant seed content and ongoing enhancements supported by the most widely accepted frameworks (e.g. COBIT, PCI, UCF) to our customers to help them tackle complex and ever-changing regulations. Your percentage of compliance with one standard is, therefore, a litmus test for a different, yet related compliance standard.
You can now obtain milestone reports from the “Downloadable Reports – Onboarding Progress” section of ZenGRC and create a dashboard that tracks the completeness of your system-of-record.
New Audit Log Simplifies Evidence Collection
Managing documentation and evidence collection is often a tedious, team-wide activity. And keeping track of the status of all that collected documentation and evidence is a chore. To alleviate the need for an audit trail, we’ve added a log to our evidence request object. You can now view evidence collection history by using the Request Object log. This allows you to see who changed the status of a request to “in progress”, “finished”, or “verified.” If a request is declined, or verified erroneously, you can easily track down which user changed the status and remediate the issue.
Best Practices and Strategies for Core Standards
We continue to refine and update our library of best practices and strategies for core standards and our Customer Success team now offers additional GRC expertise and documentation on core programs, including SOC 2, HIPAA, SOX, and PCI.
In addition to the changes noted above, we continue to make workflow improvements designed to make it easier for customers to manage tasks within ZenGRC. The new version greatly simplifies tasks when mapping to multiple objects. For example, many customers use workflows to automate the annual review of their policies and contracts. If you have ten policies to review, there would typically be ten tasks going to one person responsible for this annual endeavor. Now you have the option to create one task for each of those ten policies. This restructuring of the task object simplifies task management.
As always, please contact us with questions about the new features available in ZenGRC v2.0.