Product Updates

On this page:ROAR Quarter 1 Updates: Key Innovations: Technical Advancements: User-Centric Additions: Miscellaneous Enhancements: ZenGRC Quarter 1 Updates: Notable Updates: Integration and Management: Enhancements for Efficiency: User Experience Focused: Want More Details? ROAR: ZenGRC   ROAR Quarter 1 Updates:Key Innovations:Custom Dashboards and Views: Dive into a world of data at your fingertips, with the new drag-and-drop functionality, expanded download options, custom colors, and new chart types. Elevate Your Risk Management: Utilize Custom Risk Objects and Risk Registers to integrate risk management practices deeper into your business strategy, allowing for precise risk analysis and robust mitigation strategies. Policy Approvals: This new workflow is designed to automate policy approvals. You can schedule tasks to start on a future date and set up a recurring schedule, complete with automatic notifications, escalations, and dynamic due dates! Automated Gap Analysis: Get a clear picture of your cybersecurity controls against new compliance frameworks with our automated gap analysis tool. Our comprehensive backend automation reveals how your controls match up with any other SCF-supported framework, giving you a reliable estimate of your existing coverage. Control Assessments: Utilize control assessments to evaluate how effective a control is in satisfying all mapped requirements. Aligning controls with the underlying business objects and applicable requirements solidifies an organization's compliance and security posture.  Technical Advancements:Security Scorecard & GitHub Custom Fetchers: Starting with Security Scorecard and GitHub, we expanded our suite of integrations to include Custom Fetchers. Fetchers introduce a targeted approach to data collection, focusing on precision, enhanced security, and unmatched scalability. AI Authoring Assistant: Using information about each Framework combined with our internal expertise in GRC, we’re leveraging the power of Artificial Intelligence to provide tailored implementation descriptions, ensuring controls are well-documented and properly written to satisfy applicable requirements. Expanded Jira Integration: Our Jira connector now supports Jira Data Center, broadening our integration capabilities. In addition, the connection process for Jira Cloud was streamlined to improve the user experience.  User-Centric Additions:Streamlined Evidence Management: Our latest updates make gathering, accessing, and reusing evidence more intuitive than ever before, ensuring consistency and eliminating the need to repeatedly collect the same evidence for various audits. Evolution in Evidence Handling: We've introduced editing capabilities right within the evidence library, along with advanced search functionalities to swiftly pinpoint the exact piece of evidence you need. Elevated Task Management: Assignees and Owners can now update tasks directly via email, streamlining communication and ensuring the ROAR system stays up to date without the need to log in. Customize and Save Your Views: No more resetting your list view every time you navigate away. With 'My Views', you can now save your customized settings on business objects, including column visibility, order, width, filters, and sorting. Reference Controls: Access an internal library of Secure Controls Framework (SCF) controls to explore detailed information about each control.  Miscellaneous Enhancements:Rich Text Comments and @ Mentions: Communicate more effectively with our new commenting capabilities. The rich text functionality and @mentions foster clear, collaborative discussions directly linked to your workflows. Streamlined Navigation (Left-Hand Navigation Update): Our updated navigation interface aligns perfectly with your primary workflows, offering an intuitive experience that simplifies the management of your GRC activities. Enhanced Task Management (Task List Grid Update): Manage your tasks with unprecedented ease thanks to our improved task list grid, now with powerful searching and sorting that puts you in control. Workflow Updates: To reduce the number of automatic notifications and to increase customization, we are no longer creating automatic tasks by default for evidence review and implementation assessments. Instead, we’ve empowered organization admins to choose when these tasks should be created and sent out to other platform users. In summary, Q1 of 2024 was a period of rapid-innovation and solution enhancements, making risk management and compliance not only more efficient but also more integrated and customizable to specific organizational needs.  ZenGRC Quarter 1 Updates:Notable Updates:Questionnaire Scoring: Elevate your questionnaire analysis with our new Answer Scoring feature. This addition brings a structured and color-coded evaluation system directly into the questionnaire response table, allowing for an intuitive and immediate assessment of each response. Integration and Management:Bidirectional Sync for Attachments and Comments: Attachments and comments between Jira and ZenConnect now sync in both directions, ensuring seamless communication and documentation flow. Enhanced "Tasks" and “Risks” Integration: Synchronize both standard and custom attributes, and manage "Requests," "Risks," and "Tasks" with bidirectional creation, deletion, and synchronization between Jira and ZenConnect. Enhancements for Efficiency:Introducing 'Request' as a New Workflow Object Type: Dive into even more customization with the ability to add "Request" as an object type in the "Object" dropdown for Workflow Steps. This enhancement allows for greater flexibility and specificity in managing your workflow tasks, allowing you to add workflows when Request transition to Complete, Review, or Submit statues. New Workflow Action - Send Email: Say hello to seamless communication with our 'Send Email' action! Automate your workflow communications with custom templated emails. This new feature enables you to trigger emails for any workflow action, perfectly blending efficiency with user engagement. Whether it's status updates, reminders, or follow-ups, keep your team informed and connected with ease. Elevated Task Management: Assignees can now update tasks directly via email, streamlining communication and ensuring ZenGRC stays up to date without the need to log in. User Experience Focused:Default Homepage is Now Audit! To enhance your ZenGRC navigation experience, we've updated the default homepage to focus on audits, placing critical oversight at the forefront of your entry into the platform. Users with previously set custom homepages will see no change, ensuring your tailored ZenGRC experience remains intact. Enhanced Group Filtering: When filtering by owner, you can now include groups, providing a more comprehensive view of risk ownership across different segments of your organization. ZenGRC's updates in Q1 of 2024 underscore its dedication to evolving with user needs, enhancing flexibility, integration, and overall user experience in the GRC arena.  Want More Details?ROAR: ZenGRC

 ROAR Quarter 4 Updates:ROAR's Evolution Continues: Q4 of 2023 marked a significant stride in ROAR's journey as a leader in the GRC industry. This period was characterized by impactful enhancements and innovations, tailored to enrich user experience and streamline compliance management. Key Innovations:Evidence Review: This new feature simplifies the audit process by enabling team members to easily review and approve evidence items, enhancing workflow efficiency. Customization at its Core: Custom Frameworks, Controls, and Attributes enables personalized compliance management, offering flexibility and customization to align with unique organizational needs. Additional functionality through user-created fields, allowing for more personalized data collection. Asset Management: A newly introduced tool for asset-based risk management, providing enhanced visibility, efficient vulnerability management, and prioritization of critical assets. Technical Advancements:Customer API: Introduction of an API for workflow automation, data extraction, and custom interactions, further enhancing ROAR's interoperability and user experience. User-Centric Additions:Vendor Assessment: Advanced categorization and risk assessment tools for insights into service providers and regulatory compliance. Data Request Audit Workflow: A new audit workflow offering intuitive data request lists and automatic notifications for a more efficient auditing process. Continuous Compliance Program Improvements: A built-in compliance program creation wizard for streamlined setup and use. Mappings: A feature for dynamically mapping objects to various other objects and findings, providing a comprehensive view of compliance impact. In summary, Q4 of 2023 for ROAR has been a period of robust innovation and user-centric enhancements, making risk management and compliance not only more efficient but also more integrated and customizable to specific organizational needs.  ZenGRC Quarter 4 Updates:Notable Updates:Agile Auditing: The new Audit Requirement Flexibility enables requests creation independently from audits, fostering an agile compliance environment. Workflow Integration: Integration of questionnaire responses into workflows marks a significant move towards continuous compliance. Integration and Management:ZenConnect Sync: Experience seamless synchronization between Jira and ZenGRC with Bidirectional Sync for Requests. Effortless Task Transitioning: Bulk Reassignment offers efficient management transitions and task tracking. Enhancements for Efficiency:Recurring Task Upgrade: Recurring tasks now auto-populate data, streamlining task management. Expanded Data Handling: Enhanced import/export capabilities include the Recurrence field for comprehensive data analysis. User Experience Focused:Advanced Filtering: New filtering options provide finer control over data analysis. Customizable Homepages: Non-admin users can now personalize their dashboard, enhancing their user experience. ZenGRC's updates in Q4 of 2023 underscore its dedication to evolving with user needs, enhancing flexibility, integration, and overall user experience in the GRC arena.  Want More Details? Check Out the Full Release Notes Here:ROAR: ZenGRC: 

In Q3, RiskOptics' ROAR has emerged as an even more formidable tool for risk management and compliance, signaling a pivotal shift towards smarter, seamless, and more collaborative solutions.A highlight is the new "External Auditor" role, marking a watershed moment for organizations that collaborate with external consulting firms. This role acts as a linchpin, connecting the intricate web of internal compliance management with external auditing. Tailored for the auditors' needs, it narrows their focus to just the essentials, simplifying complex processes and ensuring accuracy.  This quarter also sees the unveiling of smart data gathering techniques via new "Questionnaires," making it easier to navigate the intricate world of third-party vendor risk. Coupled with the platform's "Vulnerability Management" features, organizations now have a two-pronged approach to not just identifying but also mitigating risks effectively.  Integrations have received a significant boost with task management connectors for Jira and ServiceNow. These connectors act like bridges, making it easier for different departments within an organization to collaborate. Task management has never been this streamlined, emphasizing the platform's commitment to inter-departmental collaboration and efficiency.  Evidence management also gets a facelift with user-friendly features designed to save time and effort. Need all your framework and audit evidence in one place? A simple click downloads everything, which complements the updated, credible, and trustworthy request emails, and the ability to manage evidence request tasks more efficiently!  The system of record and framework monitors have not been left behind. New frameworks are continuously being added, and the system of record now offers more granularity in role categorization and services listing. This keeps organizations on their toes, ensuring they are always a step ahead in compliance and risk management.C5 2020 - Compliance Controls Catalogue (C5) Program CSA CAIQ v4.0.2 EU-U.S. and Swiss-U.S. Privacy Shield Frameworks FedRAMP LI SaaS Gramm-Leach-Bililey Act (GLBA): 2021 Part 314 ISO 14001:2015 - Environmental Management Systems ISO 27002 ISO 27018:2019 - Information Technology Security Techniques New York State Department of Financial Services (NYDFS) 23 NYCRR 500 - Cybersecurity Requirements for Financial Services North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) SOC 1® - SOC for Service Organizations: Internal Control over Financial Reporting (ICFR) Trusted Partner Network (TPN v5.1) US DOJ / FBI - Criminal Justice Information Services (CJIS) Security Policy  So, the third quarter has clearly been a bustling period of innovation for ROAR. Whether it's making external audits a breeze, gathering data smartly, integrating seamlessly with other platforms, or enhancing user experience, RiskOptics has shown that it's heavily invested in making risk management and compliance not just necessary but efficient and user-friendly.  ZenGRC Quarter 3 Updates:Custom Homepage for Non-Admin Roles: This page has been restored and fully functional! "Recurrence" Attribute in Requests: Newly compatible with both data import and export functionalities. Enhanced Filter Operators: Filters now support "Does Not Contain" and "Does Not Equal" conditions, providing greater flexibility.  Want More Details? Check Out the Full Release Notes Here: 

ROAR PLATFORM UPDATES & EVENTS Our ROAR product team is working hard to release exciting new updates in the RiskOptics ROAR Platform. We’re excited to share the latest updates with you!Read our latest release notes that share what’s new in ROAR, including:Service (Vendor) Assessments Evidence on Business Objects→ READ THE RELEASE NOTES      Check out the latest product roadmap. To see what we’ve recently delivered and what we are working on next, click the roadmap link below or select the Product & Frameworks Roadmaps folder on the Product Updates page.→ VIEW ROADMAPS     Want to know which frameworks are available in ROAR? A list of all live frameworks and a roadmap of upcoming framework releases is now available.→ SEE WHAT'S AVAILABLE To ensure you stay up to date on all upcoming ROAR releases, make sure you register for our monthly user group, the RiskOptics ROAR Roadmap Series.→ REGISTER NOW

ROAR PLATFORM UPDATES & EVENTSRiskOptics ROAR Roadmap Series | May 11Join our next user group session to see the latest features and functionality that are now live in the ROAR Platform!  We will also share what’s coming next and talk about how you can start preparing for your upgrade. And we’ll discuss feedback from customers who have recently upgraded to ROAR - you don’t want to miss out! COUNT ME INThe detailed ROAR roadmap will be a major topic during the user group; however, you can get a sneak peek at all the exciting updates here:  ROAR Roadmap: Q2 2023 - May ZENGRC PRODUCT UPDATESWe continue to make improvements in ZenGRC and are pleased to announce the following features are now live:APIsWe’ve extensively updated the “mapping” attribute of all Entities. View the Changelog here.DashboardsCustom colors are now available! To access, go to Settings > Chart Settings.Risk Sort the heatmap list by Risk Score View Risk Score updates in the History tabMulti-factor Authentication is now available. Learn more here.

ROAR Platform Updates:We will be releasing lots of exciting new features and functionality in the RiskOptics ROAR Platform over the next 3 months. To ensure you stay up to date on all these releases, make sure you register for our monthly user group, the RiskOptics ROAR Roadmap Series. Our next meeting will take place on May 11. You can also check out Product Updates in the RiskOptics Community for the latest release notes and product roadmap. To get a closer look at what we’ve recently delivered and what we are working on next, click HERE. ZenGRC Platform Product Updates:Two-factor authentication is now available in ZenGRC. Click the link below to learn more about how to request and set up 2FA. Learn more HERE.

ROAR PLATFORM PRODUCT UPDATESCheck out the latest ROAR roadmap to see which features and functionality are being released over the coming months.  Google Cloud Platform (GCP) and Github connectors are now available!  Take a snapshot of your current risk and compliance posture across all of your programs using our Org Level Report.ALL RELEASE NOTES ZENGRC PRODUCT UPDATESThe ZenGRC Wiki in Confluence has been sunsetted and will no longer be supported. Make sure you are using this site, the Reciprocity Community, as your source of up-to-date information and support articles for ZenGRC. Visit the ZenGRC section of the Knowledge Base.

🚀 Reciprocity ROAR Evidence Requests now provide two additional fields:URL - Allows you to point to evidence stored in a separate repository like Sharepoint or Google Drive. Notes - New functionality to provide additional guidance and correspond with evidence providers.🚀 Generate an Audit Report from our recently updated report templates! The Reciprocity ROAR Audit Reports help diverse audiences (i.e. The Board, Leadership, Senior Management) analyze risk and compliance data across a program in an easily accessible format (i.e. PDF). 🚀 The Program Wizard was recently streamlined to support quick program creation and launch. Additionally, all risk and compliance programs are now addressed.  🚀 Use the Connectors Hub to view and manage all available Reciprocity ROAR integrations from a central location.ROAR Azure Integration ROAR AWS Integration

 ZENGRCWe continue to improve ZenGRC’s ability to integrate with other tools and we are pleased to share that the Projects and Exceptions Objects now have read and write capabilities.

 We are excited to share enhancements to the following areas in the Reciprocity ROAR platform: Organizational Onboarding Enhancement - Automatically Select US States: During Organizational onboarding, all US states and territories are pre-selected when “USA” is chosen as an operating region for your business. If customizations are required, users may deselect states and territories that are not applicable to their business. Pre-Scored Inherent and Threat Consequence Scores: ROAR has recently applied new consequence scores between each threat and risk, which is the addition of a new threat-risk relationship-score value in a new Reciprocity ROAR program. Risk Scores and Control Relationships: When a residual risk is scored on a risk assessment, program managers, risk assessment owners, and risk analysts will see the impact of only the program’s in-scope controls on their related residual risk's score(s). Program Preview and Details: The Program preview has been updated by re-ordering the pages. Highlights is now the first viewed page and Details is the second page of the Program preview. Onboarding Checklist: Visit the checklist for additional actions to consider in your ROAR Onboarding journey.

We are excited to share enhancements to the following areas in the Reciprocity ROAR platform:Organizational Onboarding & Profile Page: You can now quickly create & edit an organizational profile and, from that data, implement ROAR’s expert-recommended Programs curated specifically for your organization. ROAR Recommended / Curated Programs: Administrators now receive a curated selection of Programs - presented by priority and rank - after completing ROAR Organizational Onboarding. Organization Level Navigation: Users can now quickly access authoritative Org-level information within ROAR by choosing from the key features statically located in the top banner of each page.  Program Context & Purpose: Programs offer additional context and purpose to users with the addition of a new priority assignment and financial value feature.  Control Scoping Logic: During program creation and when launching recommended programs, the control scoping logic has been updated Findings and remediation plans: Audit managers and control assessors can now add a priority status and assign an owner to findings in ZenComply.  Audit workflow: Audits no longer depend on a finding’s creation and closure in order to mark an Audit complete. Risk scoring: Risks and threats are pre-scored and automatically populated with GRC Expert values. Reciprocity Community single sign on (SSO) is now enabled for all ROAR users. Controls within a Program’s Library records will now only show requirements in scope for that specific Program.

Product UpdatesThe product roadmap is available for the Reciprocity ROAR platform! See what we have in development, in design and coming in 2023. Check Out the Roadmap  EventsAsk the Experts Webinar | September 8, 2022Reduce Risk and Increase Efficiency with Cyber Assurance ProgramsNow that you’ve had some time to explore the Reciprocity ROAR platform, it’s time to start leveraging the power of programs to reduce your risk and improve efficiency. Members of our Technical Product Management team continue the discussion around managing your business objectives as cyber assurance programs. Watch On-Demand  User Group | September 27, 2022Watch the recording of our quarterly User Group to get the latest on:The ROAR product roadmap including feature enhancements for organizational onboarding, program recommendations, connectors, and external providers Efficiency gains with ROAR - see the same great features you love about ZenGRC plus so much more! How we are developing powerful User Access Control capabilities in ROAR  Watch On-Demand 

Our Reciprocity ROAR Platform Roadmap is now available. See the roadmap here to find out what the product team is working on, including what is:In development, with a target completion date of this quarter In design, with a target completion date of the end of 2022 Coming up next, with a target completion date of early 2023 VIEW THE ROADMAP 🦁

We've made great strides focusing on improving our capabilities to integrate with other tools. Here are a few of the latest updates we’ve made to ZenGRC:API Improvements: Additional Objects are now accessible via the APIs, adding PUT/POST functionality as well as the ability to access Comments and Attachments via the API. We’ve also added access to additional Fields, including Tags, Dates, Notes, Owners, and urls. Additional updates can be found here.The following Objects have been updated: Objectives, Controls, Vendors, Products, Risks, Markets, Systems, Threats, Deviations.Vendor Object-Task Creation: You can now create a Task via the API from the Vendor ObjectNew External Auditor role: This allows someone the ability to View, Approve, Issue Findings, and Make Requests from that Audit.  In addition, the role can get assigned to an assessment so they can:Initially document the control effectiveness, document their observations, etc. where the audit manager is then set as the verifier of the assessment. Allow an auditor to create issues from the assessments to document any findings that require remediation for the control.

New Reciprocity ROAR features are live!Maximize your efficiency by using ROAR's Program Scoping to include only what's necessary and even add additional frameworks! Open a program and navigate to the Library Records pages to get started! Ready to try it yourself? Now you can master program scoping by completing the ROAR’s Program Scoping training available in the Reciprocity University (login required for access).  Connect your AWS account to a program and start collecting evidence automatically using ROAR's AWS Integration. Analyze interactive charts, drill down into the data with detailed pop-outs, and export easy-to-read visuals all in the Risk Dashboard. Finally, download a comprehensive Audit report containing your important audit information all in one place! For a full additional details and supporting documentation, please check out the Product Release Notes 

USEZenGRC UpdatesWe continue to make updates to our APIs by adding the POST and PUT endpoints objects in ZenGRC. The POST endpoint allows external systems/scripts to create new records in ZenGRC while the PUT endpoint allows existing ZenGRC records to be updated. Enhancing the Projects object now allows you to the flexibility to map projects maintained in an external repository, helping you track remediation and mitigation without having to manually duplicate data. ROAR UpdatesAn AWS integration with Reciprocity ROAR is now available! This integration will serve as an automated evidence collection function during an audit. To learn more about how this integration can benefit you, check out the Knowledge Base article.READ NOW  ACTNext Product Sprint Review | July 28 - Enjoy a coffee on us! Attend the next Product Sprint Review to learn the last developments made to the Reciprocity ROAR platform. We will also discuss what we have planned for vendor management, evidence collection and integrations. As a thank you for attending the session and providing your feedback on our developments, we will send you a gift card for a free coffee!  SIGN ME UP 

USEZenGRC Product UpdatesWe are hard at work developing advancements to our API functionality. This month we’ve added the ability to access Attachments and Comments via the API. This function is available for the following objects:   Objectives Controls Vendors Products Risks Markets Systems Threats We have also added Read and Write capabilities via the API on the Markets Object.  Reciprocity ROAR Platform UpdatesPlease visit the Release Notes section of the Reciprocity Community to stay up to date on the latest product enhancements, including new functionality for risk reporting charts. Secure Controls Framework UpdateThe SCF will be publishing a moderate update which includes a number of new frameworks including PCI DSS 4.0. This SCF update also includes new controls and updates to existing control language. The Digital Security Program (DSP) and Cybersecurity Standardized Operating Procedures (CSOP) will also receive corresponding updates. For more information about upgrading, please contact your Customer Success Manager.  ACTProduct Sprint Review - June 23, 2022 | 8:00 AM - 8:30 AM PDTThis month’s Sprint Review will showcase updated charts and program scoping. Grab a coffee and come learn more about all the  improvements we’ve made to the Reciprocity ROAR platform. I'LL BE THERE User Group - Recording AvailableMissed the user group session? Click here to access the full recording and learn what’s next for ROAR and how to set up common cyber assurance programs.WATCH RECORDING

USEZenGRC Product UpdatesHere are the latest updates available for ZenGRC:Print to a Word document from any Dashboard Push/Put access is available via the API for Controls Object Create a task via the API from the Vendor Object Reciprocity ROAR Platform UpdatesPlease visit the Release Notes section of the Reciprocity Community to stay up to date on the latest product enhancements.   ACTProduct Sprint Review - May 26, 2022 | 8:00 AM - 8:30 AM PDTThis month's Sprint Review will showcase updates to risk reporting and automated evidence collection. Grab a coffee and come learn more about the AWS integration and additional improvements we've made to the Reciprocity ROAR platform.I'LL BE THERE User Group - June 15, 2022 | 8:00 AM - 9:30 AM PDTJoin us for the next User Group as we share the product roadmap and discuss product enhancements since we last met.SIGN ME UP RSA - June 6-9, 2022 | San FranciscoGoing to RSA? We would love the opportunity to meet with you and have a number of ways to get in touch while you're onsite: Stop by booth 4615 in the North Hall Schedule a meeting with one of our onsite executives. Contact your CSM to book! Attend our speaking session on Tuesday, June 7 at 2:10 PM PDT: Shifting Your Approach for Smarter Risk & Compliance Outcomes with Meghan Maneval.   

We are excited to share our latest product updates! Do you receive the monthly ZenReport Product Edition newsletter? Check it out here and subscribe. Here are our updates:ZenGRC API Improvements:For a full list of upcoming improvements and details on what these updates mean for you, view the ZenGRC roadmap.Live Now: Threats, Market, Objectives, and Controls Objects have been updated with read and write capabilities. Expose Event Log: We have added an endpoint to allow you to fetch event log data via the API.Coming May 2022:Exceptions Object will be updated with read and write capabilities.Upcoming Product Sprint Review on April 28th at 8AM PDTJoin CEO and CPO, Michael Maggio, and his team of product managers as they provide a real-time look at where they are in development with ZenComply, ZenRisk. This week's session will take a look at the automated evidence collection feature. Come prepared to provide your feedback so it can be considered in product development. Sign up here or go to the Events tab.Ask An Expert Recording AvailableMissed the Ask An Expert session about upgrading to the Reciprocity ROAR platform? Click here to watch the recording and here to view the FAQ.

 Security and risk management (SRM) leaders are under increasing pressure to both reduce risk and demonstrate and communicate the value, effectiveness, and maturity of their security program to a broad range of stakeholders with differing and evolving expectations. This includes board members who, after years of receiving quarterly reports on cybersecurity, are now asking for improved reporting on the value of security programs that provides them with a deeper understanding of their current risk posture and areas of higher risk.   Providing actionable risk insights has been difficult if not impossible for InfoSec teams, as this level of visibility isn’t realistic with the single risk register approach offered by traditional Governance, Compliance, and Risk (GRC) and Information Technology Risk Management (ITRM) tools.  But that all changes today -- with Reciprocity’s new product suite built on the Reciprocity ROAR Platform.  Reciprocity ROAR Platform The Reciprocity ROAR Platform is a game-changer, introducing an entirely new approach to IT risk management by breaking down the silos between compliance and risk and providing a real-time view of risk within the context of business activities that empowers InfoSec teams with the actionable insights they need to avoid and mitigate risk and optimize security.  The Reciprocity ROAR (Risk Observation, Assessment, and Remediation) Platform enables companies to create cyber assurance programs around critical business processes, assets, or initiatives. This provides the flexibility to choose the right mix of frameworks, risk registers, scoring methodologies, and vendor scores to get a specific and accurate risk assessment to help guide strategic decisions. The result: organizations can more easily and efficiently protect their most valuable assets, quantify the value of security investments, accelerate business initiatives, and effectively inform leadership on the levels of risk and improvements. Insight + Intelligence + Automation The Reciprocity ROAR Platform combines insight, intelligence, and automation to deliver a unified user experience while reducing complexity and driving efficiency. Using an AI-powered approach, the platform integrates IT and cyber risk activities, providing clear context into your risk posture. Continuous monitoring of your controls helps you stay ahead of threats by keeping your team connected and informed through proactive notifications.  The Platform delivers prescriptive guidance to help you select the right mix of requirements and pre-loaded content, within a single, unified solution. The result is optimized evidence, control, and data re-use which reduces the complexity and resources required for your effective risk management.  The Platform’s AI engine automatically builds relationships among business assets and processes, controls, and risks to intelligently deliver automated risk posture as well as maximize re-use, while continuously monitoring for any changes that can negatively impact that risk posture and delivering recommendations for treatment plans. Workflows within the Platform are automatically initiated when your programs are defined, and integrations to leading business systems provide automatic information access. This pervasive automation enables you to take effective action fast, driving efficiency and maximizing your team’s talent.  Powerful Cyber Risk Applications The Reciprocity ROAR Platform powers the company’s new suite of advanced risk and compliance applications to deliver integrated building blocks for cyber assurance programs.   The Reciprocity ZenComply application strengthens the role of compliance in your security program, providing a fast, prescriptive, content-rich experience that brings together expert guidance, automation, and intelligent collaboration. The AI-powered backend maps 10,000+ content objects across frameworks, threats, and risk registers, automating calculations and building key relationships.   The Reciprocity ZenRisk application provides actionable insights within the context of your business priorities to help you effectively avoid and mitigate IT and cyber risk. With expert-provided content, predefined scoring methodologies and mapped controls, risk and threats, along with continuous scoring of residual risk, your team can stay ahead of threats and prioritize activities to drive business results while optimizing security.      Actionable Insight Unlike typical risk solutions that only provide a single, high-level view of risk, the ZenRisk and ZenComply applications use the ROAR platform to provide two levels of actionable insight, the overall risk posture of your business and detailed risk insight at the business program level. At the program level, you can take direct action on what is increasing or decreasing your exposure and understand how changes in one aspect of your business may impact others that share controls and risks.  With dual-level insights, you can communicate risk in business context with the details at hand, to make smart decisions that reduce exposure, protect your information and secure your business. To learn more, don’t miss our upcoming webinar: Effective InfoSec Begins with “Reciprocity” Between Compliance & Risk.

Here’s what’s new this month for ZenGRC integrations! For a full list of upcoming improvements and details on what these integrations mean for you, view the ZenGRC roadmap.Now liveAPI Improvements: We’ve shipped improvements to the writable custom attributes and vendor, systems, market, and risk API.Coming March 2022 API Improvements: Additional improvements to the event log, risk object, and threat object. For more information on the ZenGRC API, click here. 

We are excited to share the following updates we’ve made to our ZenGRC integrations. For a full list of upcoming improvements and details on what these integrations mean for you, view the ZenGRC roadmap Live Now Looker integration API now supports the ability to update custom attributes of all types, not just text  Coming February 2022 Risk objects will be writable Expose Event Logging as an API

     ZenGRC RoadmapLive Now- API Improvements: Risk Object and Product Object- JIRA Integration improvements: Add OAuth to JIRA- For more information on these improvements, click here Coming January 2022- Integration with LookerFor a full list of upcoming improvements, view the ZenGRC roadmap.

New, innovative risk-assessment product enables compliance-driven cyber risk managementSAN FRANCISCO, Calif. – Nov. 3, 2021 – Reciprocity, a leader in information security risk and compliance, today announced Reciprocity® Risk Intellect, which provides organizations with a unique view of how their compliance programs are impacting their risk posture. This innovative new risk-assessment product delivers immediate, automated insight to information security teams, enabling them to easily and efficiently prioritize the right activities to both strengthen their compliance and reduce risks – including data loss, cyberattacks, system failures, and security breaches.Risk Intellect complements Reciprocity’s ZenGRC® solution, allowing companies to quickly and easily connect the dots between existing compliance programs and the company’s risk posture by providing contextual views into which controls have the greatest impact on reducing risk. This insight, combined with target risk scores and guidance provided by Reciprocity GRC Experts on how to further reduce risk, help infosec teams to prioritize, improve, and re-use compliance controls and assessments to strengthen their organization’s compliance program and reduce cyber risk.“Reciprocity Risk Intellect will make it effortless for compliance-focused companies to see their world through a risk-based lens, ensuring they have immediate insight into their risk posture – without the need to conduct inherent, residual risk assessments,” said Michael Maggio, EVP of Product for Reciprocity. “Reciprocity is committed to developing and delivering the industry’s best and most innovative governance, risk, and compliance solutions on the market. The introduction of Risk Intellect, which provides immediate, actionable insight in just minutes, will enable companies to quickly and effectively optimize their compliance programs while reducing risks.“If we’d had a product like Risk Intellect two years ago when we first set out to build our cyber risk management program here at Monster, we’d have saved ourselves immeasurable time, money, and re-work,” said Peter Fahlstrom, Senior Security Engineer for Monster. “Reciprocity has done an incredible job of building a true jumpstart for companies transitioning from compliance-focused checklists to strategic risk management.”Risk Intellect enables companies to:Gain automated insight into their risk posture by leveraging existing compliance data to get immediate insight into the impact of current compliance programs. Easily prioritize compliance remediation activities by utilizing multiple views to quickly identify controls with the greatest impact in strengthening compliance and reducing risk. Make smart decisions, faster, by leveraging expert-suggested inherent and target risk scores, as well as specific guidance to further reduce risk. Strengthen compliance programs over time by utilizing a continuously updated view of their risk posture to demonstrate quantifiable improvements. Take a proactive approach by moving beyond point-in-time audits and “check-the-box” compliance to a more proactive, quantifiable approach to compliance and risk.To learn more about Reciprocity and Risk Intellect:Check out this blog to learn how Risk Intellect helps companies move from “check-the-box” compliance to compliance-driven cyber risk management. Learn how to future-proof your compliance and risk management with Reciprocity. Download this solution brief to discover how ZenGRC helps companies easily manage compliance and risk.About ReciprocityReciprocity equips organizations with the fastest, easiest and most prescriptive information security solutions in the market. Our fully integrated and automated ZenGRC platform powers a full catalog of compliance, risk and other infosec applications. Supported by our award-winning customer service and industry-leading GRC expert teams, we help businesses realize the industry’s fastest time to value while fostering in-house expertise.###Reciprocity and ZenGRC are registered trademarks of Reciprocity. All other brands or product names are the property of their respective holders.