Yokohama Release: Read all about the new and exciting innovations released for GRC/Risk and ESG!

Read the FAQ.  Watch the demos.

A new year brings some significant enhancements across our Risk/GRC and ESG portfolios. Below are some of the highlights from this release:

AI Agents for Integrated Risk Management: Issue Summarization

Now Assist for Integrated Risk Management (IRM) with issue summarization is a new GenAI skill that offers a game-changing opportunity for GRC teams by empowering them to leverage AI benefits throughout the issue lifecycle.

With Issue Summarization, you can:

• Leverage easy to find summarize button on the Issue Overview page​
• Generate a summary within seconds of the entire issue including actions taken and resolution​
• Provide feedback on the issue, copy the summary, or post the summary into work notes with the click of a button​

Whether it's defining issues, understanding status, aligning actions, creating context, making informed decisions, or tracking activities, Now Assist simplifies and enhances the entire process. This skill will further streamline your risk management and decision-making, providing a valuable asset for those looking to optimize their operations.

Smart Assessment Engine

The Smart Assessment Engine has introduced significant advantages across the entire risk portfolio of products, and this release is delivering more. Enhanced Business Impact Analysis templates for Business Continuity Management, improved Compliance Case Analysis within IRM, and streamlined Privacy Assessments within our Privacy Management product leverage the Smart Assessment Engine for automated assessment responses, assessment scoring, copying templates for greater efficiency and more.

Business Continuity Management – BIA Analysis

• Leverage Smart Assessments capabilities, copy templates, prefill answers, scoring functions, filtering, etc. within BIA templates 
• Configure logic to calculate the RTO, RPO, Recovery Tier, CIA values based on the BIA responses
• Enhanced user experience for building BIAs to address varied continuity requirements

Integrated Risk Management – Compliance Case Management

• Seamlessly integrate risk assessment into compliance case management with the click of a button on the app
• Generate more meaningful assessment scores based on responses and data types
• Automatically prefill responses to reduce the burden on the user

Privacy Management – Privacy Assessments

• Create efficiencies while increasing privacy assessment accuracy with a reimagined assessment experience
• Streamline data governance, improve clarity for business users, and enhance accuracy with information object categories
• Automatically calculate and continuously monitor processing activity risk scores with new criticality factors

Digital Operational Resilience Incident Reporting

Specifically designed to assist financial services customers meet regulatory requirements like the EU Digital Operational Resilience Act (DORA), we have added an incident reporting workflow, templates for tracking and reporting on major incidents, a new data model and service mapping visualization. With these adds, you can now leverage the new workflow to meet regulatory reporting requirements for both IT and security incidents; auto trigger compliance cases, notifications and assessments with relevant CMDB ties to drive informed remediation actions; autogenerate initial, intermediate and final reports for DORA; and classify major incidents appropriately.

Some other highlights across Risk and ESGM

Business Continuity Management

In this release beyond Smart Assessments, we have also added new crisis map feature enhancements and some significant updates to task management in crises. We added Gantt chart visualization to help you understand the sequence of tasks in each exercise and crisis event plan. This will provide a clear timeline of when each task should be completed, helping your teams manage resources and meet deadlines more effectively.​​

• Quickly identify duplicate tasks across exercises and crisis event to remove redundancy
• Contextualize dependencies across plans to understand potential impact to RTO, RPO
• Visualize the execution order of the tasks via a Gantt chart

ESG Management

We are also enabling you to better prepare and prioritize sustainability interventions with planning and analysis features to evaluate the potential impact of various environmental, social, and governance factors on your sustainability goals under different hypothetical conditions. New metrics capabilities, including a formula tree, allow you to more easily create reports despite complex formulas and calculations – saving approvers and auditors time and improving the user experience.

• Create multiple What-if scenarios to model a future path and compare to understand how different inputs affect outcomes
• Adjust specific variables (e.g., energy consumption, emission factors) to assess potential changes and hence plan smart interventions
• Use pre-defined models to forecast data for metrics
• View the calculations along with the values in a hierarchical formula tree

Integrated Risk Management

In addition to the Smart Assessment Engine and Digital Operational Resilience Incident Reporting enhancements, the Yokohama IRM release includes several new application features and capabilities. A few highlights include:

• Audit – new Risk & Controls Matrix (RACM)
• Continuous Authorization and Monitoring (CAM) - export/ import of Oscal format for Catalog and SSP model and enhancements to ATO artifacts
• Policy & Compliance – features to help provide greater visibility into compliance scores and control attestations
• Regulatory Change Management - new ways to accelerate regulatory change impact analyses with our new, streamlined assessments experience
• Risk Management - risk assessment project enhancements create operational efficiencies, advanced risk engine enhancements to help automate assessment responses and generate more meaningful risk scores
• And the list goes on!

Privacy Management ​

The Privacy Management Yokohama release introduces a new efficient and automated assessment experience that streamlines the assessment process, reduces the need for multiple assessments, and provides capabilities to automatically calculate risk scores for ongoing high-risk processing activity monitoring.

Third-party Risk Management

Within Third-party Risk Management, questionnaires for entities and engagements associated with the same active third-party can now be pre-populated using responses from submitted questionnaires, streamlining the process and reducing redundancy.​​ Your third parties or teams can also respond to all questionnaires using a Microsoft Excel template, which can be downloaded, completed, and imported into the vendor portal, making the process more efficient.

To learn more details about these enhancements and others introduced with Yokohama, visit the documentation site, participate in our GRC Community or register to watch the What’s New community webinars live or on demand.