= Functionality development complete and ready for release

= Functionality development incomplete, but on the short-term roadmap


Q3 2019 Release Target (September?)

  • Ability to define a custom "risk appetite" value
  • Creation of a new "Risk Appetite" report that shows separate tabs for risks within and outside the appetite
  • Ability to save selections in the Dynamic Risk Report with a name
  • Ability to share saved selections in the Dynamic Risk Report with other users
  • Customization: Ability to define custom fields as required
  • Risk Assessment: Ability to add sub-templates as questionnaire logic
  • Import-Export: Integration with Jira
  • Customization/Encryption: Ability to define custom fields as encrypted
  • Risk Assessment: Ability to audit questionnaire responses against a defined control framework
  • Custom Authentication: Enhancements to setting of teams and permissions via AD and SAML attributes

Q4 2019 Release Target (December?)

  • Notification: Allow customization of language of notifications
  • Development of Organization Hierarchy Extra


Q2 2019 Release Target (June 30, 2019)

  • Addition of a "Manager" value for each user that will automatically populate the "Owner's Manager" field for risks
  • Fix for IE10 compatibility issues
  • Add the "Mitigation Control" value to the Dynamic Risk Report
  • Updated handling of roles so that user permissions change when role permissions are changed
  • Fix so that updating a control in the Governance section doesn't refresh the entire page
  • Add an audit trail entry for Accepting and Rejecting a Risk Mitigation
  • Add functionality to combine multiple assets into an "Asset Group" that can be added to a risk
  • Add translations for the Mongolian language
  • Association of teams with audit tests
  • Ability to delete active audits
  • Risk Assessment: Ability to select multiple contacts for an assessment
  • Import-Export: Ability to import vulnerabilities with Rapid7 Nexpose
  • Import-Export: Export of controls to a CSV file
  • Ability to specify your own scores for risks depending on the likelihood and impact values
  • Team-Based Separation: Restrict access to audit tests by associated team
  • Advanced Search: Creation of a new SimpleRisk Extra to enable more targeted search criteria

Q1 2019 Release Target (March 31, 2019)

  • Addition of tagging of risks and assets
  • Addition of asset groups
  • Addition of text-based description for asset valuation range
  • Enable project selection as part of risk review
  • Association of Frameworks and Controls with Policies, Guidelines, Standards, and Procedures
  • Ability to Document Exceptions to Policies and Controls
  • Addition of a help menu
  • Addition of the Audit Timeline report
  • Customization of e-mail prepend value
  • Ability to export the audit log
  • Import-Export: Ability to import assets with Rapid7 Nexpose