Menu

KCM GRC Change Log

Avatar
Lauren Ashley
Updated
Follow

Below is a list of our new feature releases and updates for the KnowBe4 Compliance Manager GRC (KCM GRC) platform.

The latest list of updates will be displayed at the top of the page.

Release Date  Description

July 2019
  • We've updated the Quarterly Product Update video in our Knowledge Base. This video covers new features that have been added to the KnowBe4 product line over the previous quarter.
  • The following are new Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • Commonwealth of Virginia Hosted Environment Information Security Standard SEC 525
    • Financial Conduct Authority Handbook (UK)
    • Interagency Guidelines - Information Security Standards
    • ISO 27002
  • The following are updated Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • CJIS Security Policy v5.8
    • HIPAA Security Rule

June 2019
  • The following enhancements have been made to the Vendor Risk Management Module:
    • When creating questionnaires, you can now upload a CSV file of custom questions. See here for details. 
    • When reviewing questionnaires, you can now change the score of vendor responses from the Questionnaire Review and Issue Details pages.  
    • We've added filters to the Questionnaire Review page so you can filter questions by question type, or filter by questions with issues, attachments, or incorrect answers. 
    • When sending (scheduling) a questionnaire, you can set a suggested due date. The questionnaire assessee will see the due date in their email notification, and in their vendor portal. 
    • A Scheduled Questionnaires Calendar has been added to the Vendor Management Dashboard. All questionnaires are reflected on their send date (or scheduled to send date).
    • You can now cancel active questionnaires from the Assigned Questionnaires tab, under the Vendor Details page. 
    • You can now cancel questionnaire schedules (questionnaires to be sent) from the Schedules tab, under the Vendor Details page. 
    • If your vendor did not receive the email notification for their assigned questionnaire, you can now generate and send their login link from the Assigned Questionnaires tab, under the Vendor Details page. 
    • You can now archive questionnaires that have not been sent or scheduled. 
  • The following are new Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • Gramm-Leach-Bliley Act Privacy Rule
    • Gramm-Leach-Bliley Act Safeguard Rule
    • IRS Publication 1075

May 2019
  • You can now follow this article to stay informed of the new and updated Managed Templates available for your account. Our team ensures we have the up-to-date versions of these frameworks available for your use. Contact your Customer Success Manager to have additional templates added to your account.
  • The following are new Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • ASD Information Security Manual v3.2019
    • Commonwealth of Virginia ITRM Standard SEC501 v10.1
    • UK Ministry of Defence - Defence Standard Low Profile
    • UK Ministry of Defence - Defence Standard Moderate Profile
    • UK Ministry of Defence - Defence Standard High Profile
  • The following are updated Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • CIS Critical Security Controls Group 1 7.1
    • CIS Critical Security Controls Group 2 7.1
    • CIS Critical Security Controls Group 3 7.1

April 2019
  • The Vendor Risk Management (VRM) module was released.
    • The VRM module lets you centralize your third-party risk management processes by prequalifying risk, assessing your vendors, and conducting remediation efforts in your KCM GRC platform. See our Introduction Guide to learn more.
  • Updates were made to the User Roles available in your account. This includes updates to the User Management and User Profile pages in your account. See more information in our Working with Users article.
  • You can now manage evidence submission settings (DocuLinks and documents) at the scope level–in addition to the account-wide settings. See more information in our Managing Account Settings article, here.
  • The following are new Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • NCUA ACET v1.0
    • DFARS NIST 800-171 SA v11.2017
    • HMG Security Policy v1.0
    • Massachusetts Data Privacy Regulation v2009
  • The following are updated Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • CIS Critical Security Controls 7.1
    • CCIS Critical Security Controls 7 to 7.1_Changes

March 2019
  • The following are new Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • PCI DSS SAQ A
    • PCI DSS SAQ B
    • PCI DSS SAQ B-IB
    • PCI DSS SAQ C
    • PCI DSS SAQ C-VT
    • PCI DSS SAQ D Merchants
    • PCI DSS SAQ P2PE
    • PCI DSS - SAQ D Service Providers v3.2.1
    • Secure Controls Framework
    • OWASP Level 1 v4.0
    • OWASP Level 2 v4.0
    • OWASP Level 3 v4.0

February 2019
  • The following are new Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • Financial Services Sector Coordinating Council (FSSCC) v1.0
    • NIST SP 800-171 Appendix E v2016
    • FedRAMP High Baseline Controls v8.2018
    • FedRAMP Moderate Baseline Controls v8.2018
    • FedRAMP Low Baseline Controls v8.2018
    • FedRAMP LI-SaaS Baseline v8.2018
    • NIST 800-53 High-Impact Baseline rev4
    • NIST 800-53 Moderate-Impact Baseline rev4 
    • NIST 800-53 Low-Impact Baseline rev4
    • International Traffic in Arms Regulations (ITAR) v12.2018
  • The following are updated Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • NIST 800-53 rev4

January 2019
  • The following are new Managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • PCI DSS - Self-Assessment Questionnaire A-EP v3.2.1
    • AB-375 Consumer Privacy Act of California v1.0
    • NAIC MDL - Insurance Data Security Law v4th Quarter 2017
    • PIPEDA v12.2018
    • HITECH v2.2009
  • The following are updated managed Templates now available for your account (contact your Customer Success Manager to have additional Templates added to your account):
    • HIPAA Privacy and Breach v1.0
    • HIPAA Security Rule v1.0
    • PCI DSS Appendix A v3.2.1
    • CJIS Security Policy v5.7
    • SWIFT CSP v2019
Release Date  Description

December 2018
  • New Managed Template now available (contact your Customer Success Manager to have additional Templates added to your account):
    • SSAE18 SOC2 TSC (AT-C 105/205)
  • The ability to create Risk tags was added.
  • Added a new tab called Risk Settings to the Account Settings page where you can manage custom categories and risk tags.
  • You can now create, edit, delete, and CSV upload custom Risk templates.

November 2018
  • New Managed Template now available (contact your Customer Success Manager to have additional Templates added to your account):
    • NIST SP 800-171 A
  • Added the user role Risk Administrator.
  • Added the ability to map controls to a risk.
  • Added the Risk Management report. See here for more information.
  • Added the ability to export the Evidence Repository to a CSV file.

October 2018
  • The Risk Management Module has been added to KCM GRC.
    • Risk Management simplifies the processes of identifying, assessing, and managing the risks faced by your organization. See here for more information.
  • The threat Quick Add screen was added. For more information, see here.
  • The View Risk screen was added. See here for more information.
  • Added the ability to upload risk templates with a CSV file from the Risk Templates screen.
  • Added the ability to import risks to the risk registry with a CSV file.
  • Added sample CSV files to download and use as a template when using a CSV file for imports.
  • Added colors for the different Risk categories.

September 2018
  • The ability to Clone Scopes was added.
  • A new Managed Template is now available as a result of revisions to NIST SP 800-171 Rev. 1 (contact your Customer Success Manager to have additional Templates added to your account):
    • NIST SP 800-171 Rev. 1 (updated 06/07/2018)

June 2018
  • Executive Reporting features have been added to KCM GRC.
    • Executive Reports give you the ability to send status reports for one or more Scopes at a frequency you choose. See here for more information.
  • Two new Managed Templates are now available as a result of revisions to PCI DSS (contact your Customer Success Manager to have additional Templates added to your account):
    • PCI DSS v3.2.1:
      • The most current Template for this publication (supersedes PCI DSS v3.2)
    • PCI DSS Changes v3.2.1:
      • Consists only of the changes made to this publication since the previous KCM GRC Template (PCI DSS v3.2)

May 2018
  • Multi-Factor Authentication is now available for your KCM GRC platform.
  • New versions of Managed Templates are now available (contact your Customer Success Manager to have additional Templates added to your account):
    • CIS Critical Security Controls 7
    • NIST Cybersecurity Framework v1.1
    • NIST SP 800-171 Rev. 1 (Updated 2/20/2018)

April 2018
  • New Managed Template now available (contact your Customer Success Manager to have additional Templates added to your account):
    • General Data Protection Regulation (GDPR)
  • The Policy Management module was added to KCM GRC.
    • Policy Management allows you to easily track and manage your organization's policy distribution and user acknowledgments. See here for more information.

February 2018
  • New Managed Template now available (contact your Customer Success Manager to have additional Templates added to your account):
    • UK Cyber Security Essentials 

January 2018
  • Two new Managed Templates are now available as a result of revisions to NIST SP 800-171 (contact your Customer Success Manager to have additional Templates added to your account):
    • NIST SP800-171 2017:
      • The most current Template for this publication (supersedes NIST SP800-171 2015)
    • NIST SP 800-171 Changes 2015-2017:
      • Consists only of the changes made to this publication since the previous KCM GRC Template (NIST SP800-171 2015)
Release Date  Description

December 2017
  • Improved reporting features, such as Gantt charts and additions to the Evidence Repository table

November 2017
  • New and improved account settings features:
    • Ability to add a display name and company logo
    • Ability to restrict access to allow only certain IPs
    • Limit control and task documents to DocuLinks and/or uploads
    • Hide your console from KCM GRC support
    • Configure the time needed to prepare evidence for ongoing tasks, when using Effective Date Range (EDR) feature.
  • Effective Date Range (EDR) feature release:
    • Allows admins to set start, end, and due date for tasks.
    • End date/Due dates are dependent on Frequency of task. Frequency settings can be manually adjusted in Account Settings.
    • Start, end, and due date can be modified within each Task.
  • Set up an advanced, one-time task:
    • Allows admins to set up a one-time task with a start, end, and due date.
Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles