· intuitem · News  · 4 min read

What's New in CISO Assistant — Week 28, 2026 (v3.19.2)

A feature-rich patch: a reworked risk acceptance workflow, the NCA ECC-2:2024 framework, evidence on data breaches, expanded document management, ServiceNow asset sync, broader audit-log coverage, Slovak localization, and a long list of fixes.

A feature-rich patch: a reworked risk acceptance workflow, the NCA ECC-2:2024 framework, evidence on data breaches, expanded document management, ServiceNow asset sync, broader audit-log coverage, Slovak localization, and a long list of fixes.

The v3.19.2 patch landed on July 10 and, despite the point-release label, it packs a lot: a reworked risk acceptance workflow, a new regulatory framework, evidence support on data breaches, expanded document management, and a deep round of integrations, i18n, and bug fixes.

Headline Features

  • Reworked risk acceptance workflow — The risk acceptance flow has been overhauled for a clearer, more robust approval experience (PR #4419). Thanks to @Mohamed-Hacene.
  • NCA ECC-2:2024 framework — Added the Saudi National Cybersecurity Authority’s Essential Cybersecurity Controls (ECC-2:2024) as a built-in framework (PR #4378). Thanks to @smakarim.
  • Expanded document management — A broad epic expanding CISO Assistant’s document management capabilities (PR #4458). Thanks to @ab-smith.

New Features

  • Evidence on data breaches — Data breach records can now carry attached evidence (PR #4455). Thanks to @ab-smith.
  • Extra options on findings tracking & exception status — More control over findings tracking and the status of exceptions (PR #4463). Thanks to @ab-smith.
  • Autologin page — A new autologin page to streamline authentication flows (PR #4453). Thanks to @eric-intuitem.
  • More customization on GDPR processings — Additional customization options for GDPR processing records (PR #4477). Thanks to @ab-smith.
  • Column selection on nested action plans — Choose which columns are shown in nested action plan views (PR #4495). Thanks to @ab-smith.

Integrations & Data Wizard

  • ServiceNow asset sync — Integrations now support asset synchronization, with the ServiceNow schema cached via startup warming and a manual refresh option (PR #4362). Thanks to @nas-tabchiche.
  • Import/Export representatives — Representatives can now be imported and exported through the Data Wizard (PR #4456). Thanks to @tarkadia.
  • Task template import — Added task template import functionality to both the Data Wizard and the CLI (PR #4487). Thanks to @tchoumi313.

Security & Audit

  • Broader audit-log coverage — The audit log now covers settings changes and additional object types for a more complete activity trail (PR #4490). Thanks to @ab-smith.

Internationalization

  • Slovak localization — Added Slovak as a supported language (PR #4467). Thanks to @datasecsro.
  • Confirmation word in sensitive-operation modals — Sensitive-operation confirmation modals now honor the translated confirmation word (PR #4466). Thanks to @ab-smith.
  • Contract translations & log redirections — Multiple translation fixes around contracts and the new logs redirection pattern (PR #4482). Thanks to @ab-smith.

Bug Fixes

  • Jira field mapping on self-hosted 9+ — Fixed broken field mapping on self-hosted Jira 9 and later (PR #4449). Thanks to @Mohamed-Hacene.
  • Mapping set framework names — Resolved incorrect framework names for non-imported frameworks in mapping sets (PR #4459). Thanks to @nas-tabchiche.
  • Non-ASCII export filenames — Better handling of non-ASCII characters in filenames during export (PR #4464). Thanks to @ab-smith.
  • Portal file names preserved — External files for portals now keep their original filename and extension (PR #4484). Thanks to @ab-smith.
  • Action plan PDF cost — Fixed missing cost in the action plan PDF export (PR #4465). Thanks to @ab-smith.
  • Empty REF_ID rejected — Qualitative metric choices now reject an empty REF_ID on both create and update (PR #4437). Thanks to @mvanhorn.
  • Unlinking the last Evidence label — Fixed a case where the last remaining label could not be unlinked from an Evidence (PR #4447). Thanks to @tchoumi313.
  • Multi-value risk-level filtering — Restored multi-value filtering on risk current_level and residual_level (PR #4436). Thanks to @tchoumi313.
  • Feared events table — Aligned the feared events nested table to the standard pattern and surfaced entity labels (PR #4446). Thanks to @ab-smith.
  • EBIOS RM improvements — Multiple UI improvements on EBIOS RM (PR #4492). Thanks to @ab-smith.
  • Preset editor edit page — Fixed the preset editor edit page (PR #4486). Thanks to @Mohamed-Hacene.
  • Exceptions adjustments — A round of adjustments to the exceptions handling (PR #4478). Thanks to @Mohamed-Hacene.
  • Report template overrides (Pro) — Fixed edge cases with document report template overrides (PR #4493). Thanks to @ab-smith.
  • UI glitches — Cleaned up multiple UI glitches across the app (PR #4488). Thanks to @ab-smith.

Welcome to new contributors @datasecsro, @mvanhorn, @Totara-thib, and @thomasboni, who made their first contributions in this release. For full details, check out the v3.19.2 release notes on GitHub.

Back to Blog

Related Posts

View All Posts »