· intuitem · News · 3 min read
What's New in CISO Assistant — Week 27, 2026 (v3.19.0)
A packed minor release: SCIM provisioning with IdP groups mapping, offline-ready AI with pre-baked models, managed portals, admin-driven MFA reset, and a long list of UX, i18n, and bug fixes.
The v3.19.0 minor landed on June 29 with a big slate of features headlined by SCIM provisioning, offline-ready AI, and managed portals — plus a deep round of fixes across TPRM, OIDC, exports, and translations.
Headline Features
- SCIM provisioning & IdP groups mapping — CISO Assistant now supports SCIM, automatically provisioning users from your identity provider and mapping IdP groups to roles. This brings true directory-driven access management to the platform (PR #4393, with follow-ups #4415 and #4425). Thanks to @tchoumi313.
- Offline-ready AI (breaking) — Embedding and reranker models are now pre-baked into the image so the AI assistant works fully offline. Expect a larger image size as a result (PR #4404). Thanks to @Mohamed-Hacene.
- Managed portals — A new managed portals capability for delivering scoped, externally-facing experiences (PR #4386). Thanks to @ab-smith.
Security & Access
- Admin MFA reset — Administrators can now reset another user’s MFA, smoothing recovery when someone loses access to their authenticator (PR #4270). Thanks to @tchoumi313.
- Stronger OIDC state & nonce — Increased the length of the OIDC state and nonce values for better protection against replay and CSRF-style attacks (PR #4411). Thanks to @tchoumi313.
New Features
- Manual implementation groups on dynamic frameworks — Implementation groups can now be set manually on dynamic frameworks (PR #4391). Thanks to @Mohamed-Hacene.
- Disable the “partially compliant” option — Admins can now turn off the partially-compliant assessment result for stricter scoring (PR #4421). Thanks to @ab-smith.
- Optional collection creation for PMBOK projects — Collection creation is now optional when starting new projects, alongside a collection-code refactor (PR #4413). Thanks to @ab-smith.
Integrations & Exports
- Richer audit/framework Excel exports — Excel exports now include typical evidence and annotations (PR #4414). Thanks to @Mohamed-Hacene.
- CSV export encoding — Fixed encoding issues in CSV exports (PR #4410). Thanks to @Mohamed-Hacene.
- FORCE_CREATE_ADMIN with existing user —
FORCE_CREATE_ADMINnow works even if the user is already defined (PR #4376). Thanks to @eric-intuitem.
Performance
- Faster mapping list — Resolved slowness when loading the mapping list (PR #4380). Thanks to @Axxiar.
Internationalization & Accessibility
- Czech localization — A complete update of the Czech translation (PR #4389). Thanks to @zdenek-pergl.
- Italian to 100% — Italian translation completed to full coverage (PR #4403). Thanks to @pnatale.
- Accessibility tags recovered — Restored missing tags for accessibility (PR #4398). Thanks to @ab-smith.
- Library converter translations — Fixed missing question translations in
convert_library_v2.py(PR #4412). Thanks to @tarkadia. - Audit framework-name translation — Corrected a wrong Framework Name translation in the Audit Summary and Audit List (PR #4416). Thanks to @tarkadia.
Bug Fixes
- TPRM respondent permissions — Third-party respondents can no longer edit evidence status (PR #4420). Thanks to @tchoumi313.
- DORA evaluation labels — Fixed DORA evaluation fields showing raw codes in the solution detail view (PR #4409). Thanks to @Axxiar.
- Qualitative metrics choices — Restored the missing display of choice definitions in qualitative metrics definitions (PR #4402). Thanks to @Axxiar.
- User expiry editing — Allowed the expiring date to be in the past when editing a user, and fixed expiration to fall on the next day (PRs #4401, #4374). Thanks to @Axxiar and @eric-intuitem.
- Broken links in tables and findings — Prevented undefined links in
modelTablecells (PR #4400) and fixed broken/undefined/<id>links on the finding detail page (PR #4424). Thanks to @tarkadia and @tpujolalan.
Welcome to new contributors @pnatale and @tpujolalan, who made their first contributions in this release. For full details, check out the v3.19.0 release notes on GitHub.