Product Updates What’s new with the Thoropass platform? Our product and engineering teams are constantly innovating to help streamline your compliance journey. Follow this page for updates on new features and capabilities of the Thoropass Platform. Find the latest release June 2024 May 2024 March 2024 February 2024 January 2024 November 2023 October 2023 August 2023 June 2024 MORE privileged access monitors Thoropass integrates with your systems to automatically generate a snapshot of privileged access users for your auditors’ review. It speeds up the audit process by eliminating manual work and meetings for access evidence collection. We currently support Azure, Google Cloud, AWS, Okta, Datadog, Bitbucket, Sentry with more to come. View previously completed audits We now provide non-editable access to completed audits for evidence details and comments review. Automated Action Items When Thoropass users integrate their cloud service provider with the Thoropass platform, up to 100% of the action items related to cloud security configurations can be automatically completed with just a click. It also gives users a real-time status of their security posture and alerts them when discrepancies are identified in their cloud instance. Additionally, when you publish policies in Thoropass, the software will alert you when it’s time to review and republish those policies. Once you republish, Thoropass automatically completes those action items. Jira two-way sync enhancement Action Items synced to Jira tickets now include the control name, control ID, and action item ID in the Jira ticket to make those tickets easier to find via Jira search and to enable Jira automation. With Thoropass multi-framework action items, you only have to complete an action once for it to count across frameworks. When a multi-framework action item is synced to Jira and your company adds a framework, Thoropass automatically updates the Jira ticket with the new framework content appended as a comment. May 2024 Consolidate shared requirements with multi-framework action items The new dynamic action items allows you to organize tasks to implement and maintain compliance across all your frameworks. The new action items reduce repetition with unified Action Items and visualize the differences between frameworks for faster action. Optional publish policy workflow now available Admins can now toggle on a more strict publishing flow for policies in their company. The new workflow requires a separate Approver’s sign-off before any policy is published. This update enforces unique Owner and Approver roles for a policy, ensuring clear accountability. A Policy owner would send a request to publish their policy to an Approver, and the Approver can request further changes or approve and publish the policy. Slash the time it takes to fill out questionnaires using GenAI DDQ The product uses advanced processing tools to assess a given question and match it to the company’s own existing library of previously answered questions. For any question that can’t be matched, GenAI is used to scan existing PDFs of prior surveys, policies, procedures, reports, etc., and suggest answers that can be adopted or edited as appropriate. March 2024 Streamlined multi-framework audit process with a New Combined Audit Offering The new audit page UX streamlines navigation through your audit tasks, enhancing audit efficiency. With the revamped dashboard, gain immediate visibility into your audit progress, the status of evidence requests, and auditor in-app updates. Also, explore the details of each evidence request and comment if needed. Dark mode is way cooler, new UI for Global Navigation Sidebar This update includes a partial shift to dark mode to enhance discoverability and readability for page content. Additionally, the new look offers functionality for users to expand or collapse sections, enabling them to prioritize and easily access their most frequently visited pages. New Tasks Page capabilities for admins to manage team workloads efficiently Admins can view all Action Items within the organization on the Tasks page. We added new filters to enhance your ability to navigate tasks efficiently. To make these updates more accessible, we revamped the Tasks Dashboard card for admins so you can go to the view you need with just a click. Unified controls Unified Controls offers you a simplified way to manage crosswalks across multiple frameworks and stages of compliance. Our in-house audit experts mapped each supported framework into this unified experience. February 2024 New UX for the Audit page The new audit page UX streamlines navigation through your audit tasks, enhancing audit efficiency. With the revamped dashboard, gain immediate visibility into your audit progress, the status of evidence requests, and auditor in-app updates. Also, explore the details of each evidence request and comment if needed. Privileged access monitor With the integration with Azure, our monitor automatically generates a snapshot of privileged access users for your auditors’ review. This enhancement further speeds up the audit process by eliminating manual work and meetings where auditors traditionally spend hours navigating through a customer’s Azure instance, collecting recordings and screenshots for access evidence. This is the first in a series of monitors aimed at streamlining privileged access listings, with more to come. January 2024 Project Management Sync Thoropass now supports sync compliance to-do’s, status updates, and attachments between Thoropass and Jira, creating a seamless workflow environment. This week, the Jira two-way sync feature is available to all customers with additional project management tools coming soon. Custom Risk Definitions Users can now tailor risk definitions to align with their internal language and risk models. These definitions will also be included as evidence to the auditor, proving that your company utilizes a clear methodology. New Dashboard, Visuals, and Control Status The updated dashboard landing page provides a quick overview of the status and statistics of your program. Additionally, the updated control status definition clearly indicates when intervention is necessary for a control. November 2023 Streamline risk management with the Risk Register With our newly integrated Risk Register feature, you can proactively track, review, and mitigate risk in the same platform that you manage your compliance readiness and audit process. Our navigable dashboard provides you with an instant 360-degree view of your risk landscape for decisive actions and enhancing engagement with business stakeholders. A more focused and organized dashboard navigation experience Our latest UX updates to the dashboard streamline navigation and reduce clutter by centralizing Quick Links and moving My Tasks to a separate page. Additionally, the improved call-to-action enhances progress tracking across multiple frameworks to promote user efficiency. October 2023 More advanced automation available Our library of integrations grows every week, and we expanded functionality for the tools you use like Rippling, GitLab, Atlassian Bitbucket, and many more. Recent updates include new monitor logic, allowing you to automatically exclude staging, test, or proof of concept resources from being flagged against your compliance program. Streamline workflow navigation with a redesigned dashboard Explore our redesigned Dashboard to quickly identify your compliance workflows and drill down with no wasted effort. August 2023 Automated policies Instead of writing for days or weeks, get policies customized to your organization in under five minutes. Complete a brief questionnaire, and we’ll deliver our automated information security policies. And with our policy editor and employee reminders, you’ll be audit-ready in no time. Currently available for SOC 2 and HITRUST, with ISO 27001 coming soon. Thoropass training V2 Thoropass can’t do compliance training for you, but it can make assigning and tracking training more straightforward than ever. Use Thoropass Training V2 to launch and manage training campaigns to ensure you meet your security requirements. We’ll automatically email your employees and admins so they never miss deadlines. Structured evidence request Evidence collection is the hardest part of any audit. We restructured our audit interface to make evidence collection easier, faster, and more transparent while keeping you in touch with your auditor the whole way. Multi-factor authentication We added MFA to keep your account and environment secure, including a guided setup process, self-serve MFA recovery, and support for popular MFA apps. Unified roadmap view We continually guide you on your compliance journey and redesigned our Roadmap UI to keep you on course. Roadmap gives you a bird’s eye view of your progress and the power to drill down, control by control, task by task, to manage your work directly. In-app scope reminders Our team of experts and auditors work with you to understand the scope of your audit. Our new in-app Scope feature informs you of what you’re working on and why. Receive in-context reminders about the systems your compliance program interacts with. New integrations experience We’re constantly adding Integrations for all your SaaS tools. Our latest update includes a redesigned interface to simplify and streamline your work. The result? You always know and understand how these integrations help you at audit.