💡 Feature requests

As of now, only packages for Debian and Ubuntu Linux are available. In enterprise environments, RHEL/Fedora are quite commonly used. Please provide an RPM package for easy installation with these systems. For engineers: The following directories might conflict during installation, because of Fedoras ownership, but should be easily fixable. %dir %attr(0755, root, root) "/etc" %dir %attr(0755, root, root) "/lib" %dir %attr(0755, root, root) "/lib/systemd" %dir %attr(0755, root, root) "/lib/systemd/system" %dir %attr(0755, root, root) "/usr" %dir %attr(0755, root, root) "/usr/local" %dir %attr(0755, root, root) "/usr/share" %dir %attr(0755, root, root) "/usr/share/doc" %dir %attr(0755, root, root) "/var"

It should be possible to assign employees to more than one employee group, for example for admins of certain groups.

We'd like to manually add evidence records to prove that we're actually generating "records of access request issues tracked". Since Secfix doesn't provide Clickup integration yet and we can't turn some ticketing-system-related tasks green, we would then add proof for that on the manual evidence list. I'm referring to the automated tasks called "Records of access requests issues tracked" and "Records of security issues being tracked" in my example.

Description Customers currently expect the Secfix platform to automatically trigger annual information-security awareness training reminders for all employees. Since this does not happen today, training deadlines can be missed and audit nonconformities may occur. Problem The platform does not send yearly reminders for mandatory awareness training. Customers cannot manually trigger or schedule these reminders. This leads to outdated training records and NC findings during audits. Proposed Solution Introduce automated annual reminders for awareness training, with the following functionalities: Automatic yearly reminder to all employees whose last training is older than 12 months. Clear visibility on when the next reminder will be sent. Notification settings so customers can adjust reminder intervals if needed. Expected Outcome Employees complete awareness training on time. Reduced risk of nonconformities in external audits. More predictable and transparent training management for customers.

Ability to filter treatment tasks by finished / uncompleted

The Risk Register currently has predefined fields, limiting flexibility for different risk management needs. Adding custom fields would allow users to tailor risk entries to their specific requirements. Use Case Risk management processes vary across organizations, and predefined fields may not always capture all necessary details. For example: A financial institution might need a "Regulatory Compliance Impact" field. A tech company might want a "Data Sensitivity Level" field. A project-based organization could track risks by "Department" or "Project Phase."

When a new employee is added to the "Employee" page, due to its onboarding on the HR system (e.g. Personio), the SecFix admin needs to assign a certain Group, for this employee to get the right Policy reading list. Can you add an notification feature, so that the SecFix admins are informed "when new employees is added, or employees where Onboarding is Incomplete"? Thank you 🙌🏻

Customers frequently request to be notified when: -New certificates become available, or Existing documents have been updated. Currently, the Trust Center does not provide automated customer notifications for such changes. This requested feature directly supports customers' compliance processes, reduces their administrative burden, and strengthens trust in our product. It positions the Trust Center as a proactive, compliant information hub - not just a passive document repository.

The option to upload attachments via the comment function is already helpful. Our goal is to have a uniform and traceable storage system for manual evidence in the GDPR module. Currently, I only have the PDF option available for export; the manual evidence appears there, but not the comments. Is there an option to include the comments in the export as well? This would be helpful for verification purposes vis-à-vis supervisory authorities or investors.

The trust center access request email lacks a clear call to action and does not provide any guidance on how to approve the request.