General
Task Management
Task management ALL view and addition of Multi-Filters: This gives a “custom user” with the correct aspect (View all tasks) the ability to see an overview of ALL tasks within RESPONSUM (not only his/her own or appointed tasks). The addition of the multi filter allows for easy search through these tasks and alignment with other RESPONSUM (Sub-)Modules.
Login
Fix for being logged out every time a user refreshes the page
Dashboards
Security/Risk Management dashboard: Dashboard added with various KPI’s to track risk management and the security status within your organization.
Awareness
Learning
Ability to reference one or more “Involved departments”: A reference field was added that allows a user to add one or more “Involved departments” to the Processing activity for easy reference.
Enrollment Overview page: Allows a RESPONSUM user to see in a glance what courses employees are enrolled in, whether they completed the course and when and provides the ability to unenrol an employee again if access to the course/quiz is no longer required.
Privacy Management
Records of processing activities
Legal Management
Automatic marking of legal management items as “Obsolete” if no longer being used for the processing activity: If a processing activity no longer uses the Legal Obligation or Legitimate interest that is linked to it in legal management, it will now automatically be marked as obsolete. The item will still stay linked to the processing activity it was (for historic reference). Only in it’s obsolete status, a user can choose to delete the item.
Data Subject Rights
“Reference to related ticket” field added to Data Subject Rights: This allows you to set a URL to a related ticket in any kind of ticketing system (for reference).
Security Management
Stakeholder Management
Involvement tab extension: The involvement tab now also shows the suppliers and manufacturers of IM Systems linked to a process that is linked to the stakeholder in question.
Ability to add one or more related IM Systems to a Vendor assessment: As a vendor assessment can have a specific (set) of IM system(s) in scope, the ability was added to link one or more IM systems that are related to a vendor assessment.
Vendor assessment Sub-module view now allows the use of the “Assessment builder” type: When navigating to the Vendor assessment sub-module directly (not via stakeholder management), the only ability was to add an “Assessment file” type vendor assessment. The new “Assessment builder” type vendor assessment is now also supported here.
Incident and breach management
Improved way to select involved data, IM systems and Data Subjects
Risk Management
Risk Strategy: Will allow users to define their own probability, impact and risk levels. This generates a risk matrix that is custom to the risk appetite of your organisation. For the impact levels defined, the user has the ability to define custom parameters that can be used to identify which one applies best to the risk you are assessing (Ex. reputational damage, financial damage and up to 10 additional custom parameters possible)
Risk Register: Allows the user to add and manage risks within their organisation. A risk can be appointed a probability, impact and an automatically calculated risk level. A source can be appointed to identify the IM System, DPIA, Processing Activities etc. that is causing the risk to occur.
Risk Treatment Plan: Ability to identify Measures and Controls to mitigate the risks defined in the Risk Register.
Configuration
User Management
Permissions for Custom user reviewed and improved
Function role can now also be added to a user account: Prior this was only possible for an employee account.
My organization
Measure dictionary: Newly added sub-module that allows the user to have an easy overview of all Measures that have been defined within ROPA items and to handle specific Risks defined within the Risk Register.