Product Spotlight | See What's New in Apptega [April 2024]

Laura Vieiro Rial
May 3, 2024

Spring is in full swing and, at Apptega, that means a fresh new batch of product enhancements and a revamped Release Notes format to match the season's vibrancy.

Read on for a quick overview of all the new features and improvements available to you – and keep an eye out for some nods to Schitt's Creek and New York City quirks. 😎

✨ Introducing ISO 42001 

Ever worried about AI pulling a Terminator on all of us?  

I'm a bit concerned GIF

While we can't guarantee smart machines won't start demanding coffee breaks, we can make sure they play somewhat nicely. That’s part of the reason why we just launched support for ISO 42001.

Considered the world’s first AI management system standard, this framework can help you — and your clients — by:

  • Providing enhanced security: Align your AI practices with global security standards for a risk-free operation.  
  • Giving you a competitive edge: By fast-tracking compliance with the first AI management security standard, you'll be ahead of the game and unlock new business opportunities.  
  • Boosting confidence: Provide stakeholders with peace of mind knowing AI is managed securely.

To get started, just select the framework on the Program Builder section and start assigning tasks and uploading evidence for each sub-control right away.

✨ Introducing PCI DSS 4.0  

Who doesn’t like a good upgrade? Think of that thrilling moment when you're bumped up to business class on an international flight. Or imagine scoring VIP passes to see your favorite band, just after you've resigned yourself to the nosebleed section. (Ok, ok... That doesn’t ever happen.)

But that’s exactly what it feels like to leave PCI DSS 3.2 behind and get compliant with version 4.0, now fully supported by Apptega.  

The latest update of PCI packs a punch with tighter controls and smarter security protocols, ensuring that your data stays always secure.  

Just go to Assessments, find the latest version of this framework in our library, and get ready to enjoy the added legroom and fancy drinks the benefits of adding enhanced security to your payments with a streamlined compliance journey.  

✨ Introducing NYC DFS  

Quick stop at the Big Apple for our last big release of the month.

We're excited to announce that we now support the New York Cybersecurity Regulation (NYC DFS), a crucial framework for any business operating in the financial services industry in the city (we're looking at you, the more than 3,000 New York-based financial institutions!).

This regulation is like the Times Square of data security — busy, essential, and a bit chaotic — but we’ve done all the heavy lifting for you so you can move from assessment to audit-readiness faster than you can hail a cab during rush hour.

Ok, enough with the cheesy New York analogies...

You can find the framework under ‘Program Builder,’ where you’ll find detailed info and steps to meet each relevant control and sub-control, making compliance feel like a walk in Central Park. (Whoops!)

🎨 New Look, Who Dis?

“It’s what’s on the inside that counts.” - Said no one at Apptega’s marketing team. Ever.

We like a new look more than Moira Rose loves a dramatic wig change, so our app just got a full makeover.  

Moira Rose GIF

While our core features are the same, our logo, favicon, and default colors have gotten a facelift that aligns with our sleek new branding.  

And for those of you who’ve personalized your app with custom branding — keep doing you! None of these changes will mess with your mojo.

🎓 Onboarding Tutorials 

 Our customer success team loves hanging out with you, but let's face it — meeting fatigue is real. That's why we're rolling out new onboarding tutorials for new features. 

Now, you can learn all about Apptega's latest features directly on the platform, at your own pace, and without always having to chat with us for a walkthrough.  

Dive into these tutorials as you see them pop up and you’ll become a product whiz.

But rest assured, we’re still here if you need us. 

🪄 Improvements  

⏫ Enhancements to ISO 27001:2022

  • Annex A (A.1-5) - Organizational Controls: We've added the Missing Segregation of Duties control. Now, it’s easier to see who's doing what, so it's not just everyone blaming Kevin.
  • Annex A (A.1-8) Technological Controls: We've split the User End Point Devices and Information Deletion into separate sub-sections because sometimes, separation is the key to a healthy relationship.
  • Operational Planning and Control: We’ve divided this into three sub-sections because they, too, needed some breathing space.
  • Control 10: We've decluttered the Improvement section by removing duplicates (who needed the extra copies?) Plus, we've spruced up the sub-controls.  

⏫ Enhancements to NIST 800-171A - Extended Assessment

  • Access Control - Section 3.1.4 A, B, and C / Configuration Management – Section 3.4.4 / Risk Management: All sections got a refresh with the latest questions for assessment objectives. We’re just big fans of updating and upgrading stuff.  

⏫ Enhancements to NIST 800-171  

  • Audit of Privileged Use 3.1.7 & Encrypt Data on Mobile Devices 3.1.19: We fixed a few description errors in these sub-controls. No more excuses for confusing 'encrypt' with 'destruct.'

⏫ Enhancements to NIST CSF

Added the missing RC.IM section and cleared out duplicates in the RS.IM section. Balance restored, just how we like it.

⏫ Enhancements to NIST CMMC

Corrected a few missing controls at CMMC Level 2 for sections 3.4.4, 3.5.4, and 3.5.9. It was like finding missing socks — satisfying and somewhat mysterious how they wandered off in the first place.  

🪳🔨 Bugs Bashed

  • Duplicated notes on tasks: Had a bit of a Groundhog Day experience with notes duplicating themselves every time you saved? Good news for your mental health: You can now add new note fields to your tasks without any pesky clones popping up.
  • Deleting info in sub-controls: Unlike real-life mess-ups, the best thing about digital mistakes is that a Ctrl + Z is usually all you need to fix them. Stuck info in sub-controls used to defy this rule, but — luckily — not anymore.
  • Slow performance of Assessment Manager: Experiencing the slow performance of Assessment Manager felt like watching yourself age in real-time. We've turbocharged the page loading so you can whip through your work without celebrating any extra birthdays.
  • Objective criteria in non-relevant frameworks: Ever found yourself at a party you weren’t invited to? Well, our Objective Criteria table sure did. That’s why we’ve introduced a new feature that ensures this table only shows up in the frameworks where it’s supposed to be.
  • Users unable to search on request ID in audit board: The request ID search in Audit Manager had gone AWOL, so we’ve drafted it back into service. Now, you can effortlessly chase down specific audit requests without breaking a sweat.