Skip to main content

February 2026

CSRD Supply Chain Module (v1.0)

  • New: Full CSRD supply chain reporting module
  • New: Double materiality assessment workflow with stakeholder survey
  • New: Supplier ESG questionnaire portal (6 languages: EN, DE, FR, ES, IT, NL)
  • New: Scope 3 GHG calculations (spend-based, activity-based, supplier-specific)
  • New: ESRS data point mapping view
  • New: Sanctions screening for all vendors (EU, UN, OFAC lists)
  • Improved: Vendor risk module — new DORA TPRM classification fields

Platform improvements

  • New: XBRL tagging export (preview) — machine-readable ESRS data
  • Improved: AI policy drafting — now supports sustainability policies (ESRS G1, E1)
  • Fixed: Evidence expiry notifications were not sending for some users

January 2026

DORA compliance updates

  • Updated: DORA Art. 28 register template updated for 2026 RTS requirements
  • New: ICT concentration risk reporting view
  • Improved: Sub-processor tracking in vendor module

ISO 27001:2022

  • New: Annex A 2022 controls mapping (updated from 2013 version)
  • Improved: Evidence collection for A.5.23 (Information security for cloud services)

December 2025

Integrations

  • New: AWS integration — IAM, CloudTrail, S3 encryption evidence
  • New: Azure AD integration — conditional access, MFA enforcement evidence
  • Improved: GitHub integration — now collects Dependabot alerts as vulnerability evidence

General

  • New: Evidence bulk upload tool
  • New: Risk register export (Excel, PDF, JSON)
  • Fixed: Cross-framework control mapping wasn’t showing all linked controls