October 2022 - Software update

October 2022 - Software update

We are happy to announce that we are launching a new software update in the second week of October. The focus areas of this update and the future versions are to improve the navigation and GUI of the application. This update includes several changes that our users have requested and is a significant lift for the application's usability. Do not worry if your suggestion did not make it this round; we continuously record and prioritise suggestions, so keep them coming!

Improvements to the risk assessment dashboard

Previously, the available features on the risk assessment dashboard were a bit scattered. We have fixed this by creating an easily accessible toolbar and making all the features available in the top right corner. The options for ownership, sharing, copying, and printing options are now easily available through the new dashboard. The delete button is now available for all risk assessments, including the overall risk assessment.


Example of new menu line for the risk assessment dashboard

Furthermore, we have added more interaction to the process step buttons such that they highlight when hovering the pointer over them.

New sorting for risk assessments and treatments

The Diri application now allows for sorting of risk assessments and treatments based on ownership and belonging. You can now easily sort the objects in both lists based on multiple options such as all, mine, assigned to me, shared with me, and published. This new feature will make it a lot easier to find your objects in Diri.


New sorting options for the risk assessments (the updated application will look slightly different)

Templates and risk assessment library - Published assessments

We in Diri AS will start to create risk assessment templates to ease your way into cyber risk management. The templates will be available through the new "Published Assessments"-feature on the risk assessment overview. The library will contain templates for standard overall risk assessments, suggestions for risk assessing generic cloud applications, and system-specific assessments. The assessments shared by us will be from the unit named Templates.
Access the risk assessment you wish to re-use through the risk assessment overview and click copy. User can also choose to share their own risk assessments with other users in the Diri application.

Changes to the risk matrix

We have changed the risk acceptance thresholds in the Diri risk matrices, the implication of this change is that some coloration in your risk matrix will change. This change will make it more predictable and easier to understand the coloration scheme. The change affects especially risks that have a very high score along one axis and a low score on the other axis which would previously be colored red.

The change creates a static coloration of the risk matrix closer to best practice. The new coloration scheme closely resembles the following heatmap figure using lines to differentiate the risk levels:


New risk acceptance thresholds for the risk matrix

The new risk thresholds has broader and more clearly defined boarders for the green, yellow, and orange areas. The red area is narrower. The change has also been implemented into the counting for the Company risk picture piechart for consistency.
How this change your risk picture is visible in the following picture:

Old vs new risk thresholds

Minor changes and bug fixes

Generic improvements
  • Clarified deletion message text when attempting to delete a risk assessment.
  • Main menu compression arrow can now be used throughout the application allowing for a bigger work surface in workshops etc.
  • Reduced the number of error messages the system generates.
Navigation
  • Added a "Go to risk assessment"-button when working inside the risk assessment which always takes you the risk assessment dashboard.
  • You can now access a risk assessment  via the asset registry.

Bug fixes
  • Optimized endpoint for searching for treatments by name
  • Added timeout to search request for autocomplete name field for treatment, canceling previous timeout if a new letter has been typed. (Causing the delay-bug when saving a new treatment)
  • Minor bug fixes.