ISO 9001 and ISO 42001 are now available in Secfix.

We’ve expanded our NIS2 coverage with additional manual evidences to help you meet compliance requirements more efficiently.

You can now view the list of employees in each group directly while assigning a policy.

Enterprises with multiple subsidiaries can now get a bird’s-eye view of all their subsidiaries, including frameworks progress, KPIs, and quick access to each subsidiary’s dashboard.

When someone is assigned as an owner on an item, they’ll now receive an email notification. To keep inboxes clean, we bundle updates into a single email sent 15 minutes after the first action.

A couple of great updates this week to help your team work better together.

You can now add teammates as Collaborators, a limited-access role that only shows them the items they’re directly assigned to as owners (like specific risks, treatment tasks, inventory items, vendors, policies, evidence, or checks). It’s ideal for subject-matter experts or short-term contributors who don’t need full visibility.

There’s now a Export button on each framework page. Just click it to get a report with all the control details, handy for audits or sharing progress with others.

We’ve just rolled out two key updates to help you manage Secfix more efficiently as your team grows.

You now have more flexibility in how you grant access:

These roles make it easier to involve subject-matter experts without overexposing sensitive information. (Coming soon: Collaborator role)

The sidebar has been reorganized to improve clarity and navigation. Pages are now grouped under logical sections like Compliance, Personnel, Risk, and Trust, making it easier to find what you need.

We’ve replaced the Compliance Reports page with a brand new Frameworks page, giving you a much more powerful way to stay on top of your compliance requirements.

With the new Frameworks page, you can easily review all framework requirements in one place and view each control along with everything mapped to it, including:

You can now leave comments on risk scenarios in the Risk Register!

After rolling out the comments feature to Automated Checks and Manual Evidence, we’ve extended it to the Risk Register so your team can easily collaborate, ask questions, and provide context right where it's needed.

This week, we rolled out updated filters on the Manual Evidence page to bring consistency with other pages and make filtering easier. You can now quickly narrow down the list to show items that need attention, are assigned to you, or filter by owner, standard, recurrence, or status.

This makes it easier for teams to collaborate, ask questions, and provide context all in one place. Whether you're reviewing uploaded documents or clarifying evidence requirements, the new comments section keeps communication tied to the relevant item.

We’ve rolled out three major features to level up your experience:

You can now tag team members in automated check comments! Tagged users will receive an email notification with a direct link to the comment.

Track progress over time with new historical graphs! You can now view:

For each check run, you can now inspect the test data as JSON to see exactly which resources it was executed on.

You can now deactivate monitoring for one or more failing resources within an automated check. This is helpful when a resource isn’t relevant or when you'd rather attach manual evidence instead. Just provide a reason and optional attachments. You can reactivate the resource at any time.

Onboarding task evidence is now visible on terminated employee profiles, making it easier to reference historical records during audits or reviews.