What's New in MyCompliance

Introducing an automated timing setting for long-term leave user statuses. Admins will now have the ability to set specific durations for long-term leave, ensuring that user statuses are automatically updated when the leave period ends. The system also provides the flexibility to keep users on indefinite long-term leave, with manual reactivation only when needed.

Features & Benefits:

• Automated Status Update: Admins can set a reactivation date for users on long-term leave, allowing the system to automatically update their status after the specified period, eliminating the need for manual follow-up.
• Flexible Leave Duration: Admins have the option to either set a specific leave period or keep the user in ‘long-term leave’ indefinitely, providing flexibility for different types of leave scenarios.

More information here

Localising the user interface & notifications of our MyCompliance Teams App ensures employees worldwide can clearly understand and engage with compliance tasks, reducing errors, boosting completion rates, and improving security awareness across the organisation.

Admins can now rearrange entire sections simply by dragging and dropping during the template creation phase. This eliminates the need to rebuild sections from scratch, saving valuable time and reducing admin workload.

Benefits:

• Streamlined Organisation: Quickly reorder sections without the hassle of recreating content.
• Time-Saving Efficiency: Focus on enhancing course quality rather than managing content structure.

This update simplifies course deployment, helping you build and launch courses more efficiently.

We’re excited to release Risk Score Insights, a new enhancement to the Employee Risk Score feature. This addition offers greater transparency into the user behaviour that is impacting their risk scores.

Key Features:

Administrator Updates

• Detailed Risk Insights: A new ‘View Insights’ button is accessible from the organisational and departmental risk charts for each user, providing admins with clarity on why risk scores are fluctuating.
• Addition of ‘Join Date’: Allows admins to easily identify why some users engagement levels could be low (such as new joiners).

End User Updates

• User Visibility: End users can now see what risk factors and content contribute to their score, with quick access to complete outstanding content to encourage them to reduce their score & increase engagement.
• Revisit Course Option: Users can see quizzes that they have performed poorly on and can revisit the course again to improve their knowledge in that area.
• Tips to Improve Scores: End users will be provided with information on how their scores are calculated along with top tips to help reduce their score.

This update enables admins to make informed decisions to help reduce risk and empowers employees to proactively manage their risk scores. Please see the following articles for more information:

• End User Risk Insights
• Admin Risk Insights

We have made some exciting new user experience enhancements to MetaEngage. These updates are only available on the MetaEngage v2 Client. More info here.

Here’s what’s new:

• Remind Me Later Button: Allowing users quickly snooze the client if they don’t have time to complete.
• Updated Snooze Text: Clearer messaging for users to understand what happens after they snooze the client.
• Enhanced Toast Notification: Displays outstanding content for completion and deadline when the content will ‘lock out’.

To take advantage of these updates, we recommend users restarting their machines (or scheduling a force restart) to ensure they are on the latest version of the client. These updates are only available for customers who have installed MetaEngage Client v2.

We have released a minor update to our privacy module to allow the renaming of the “System” section title across all of the privacy registers.

Benefits

• Clear, accurate labelling
• Improved register management
• Consistent updates across views and exports

Problem
Some customers only use the MyCompliance Teams App for completion of content. Therefore, end users lack visibility into their risk scores and this gap leaves employees unaware of their security risk to the organisation.

Solution
We have released a dedicated area within the MyCompliance Teams to display end users’ risk scores. This ensures immediate visibility without needing to access the platform directly. Risk Score will only be available for customers that have the ‘Admin & End User Dashboard’ enabled.

Features & Benefits

• Risk Score visible within MyCompliance Teams
• Seamless updates from the main platform
• Supports both light and dark modes

Global organisations often face challenges in delivering a seamless user experience and ensuring employees fully engage with compliance platforms and security tasks. Language barriers can hinder understanding of critical information, reduce engagement, and impact the effectiveness of training, policy reviews, and notifications.

To address this issue and improve engagement we have introduced the language bot on the homepage.

• Language Selection Icon: Users can now easily switch the language of the homepage and other pages, improving accessibility and engagement.
• Tailored User Experience: Employees will engage with content in their chosen language, boosting participation and adherence to compliance tasks.

These updates are available on the latest version of MyCompliance Teams App, v4.

We’ve redesigned the Company Edit page to enhance navigation and streamline the user experience, making it easier to manage settings. Key updates include:

• Improved Layout: A new side navigation panel for the Settings, Risk Score and Platform Customisation pages.
• Colour Theme Customisation: Now featuring smaller colour dots for theme selection, with an additional option to choose a theme layout.

These changes ensure smoother navigation and make configuring platform settings more intuitive.

The new Risk Score Customisation feature enables customers to adjust the weighting of key risk factors, including content completion, quiz performance, and phishing simulation interactions, to help ensure the scores better reflects the most critical risks to your organisation.

Key Benefits:

• Tailor risk scoring for a more accurate reflection of employee behaviour.
• Prioritise critical factors such as phishing simulations or training engagement.
• Make informed, data-driven decisions to mitigate insider threats and address knowledge gaps.

For more information, please view the following knowledge articles:

Guidance for customising Employee Risk Scores

Updates to Employee Risk Scores

Organisations had limited visibility into their email suppression lists within the MyCompliance platform, leading to challenges in ensuring that targeted content reaches the right audience. This lack of transparency increases the risk of non-compliant conversations.

We are introducing the Suppression List report, designed to empower security leaders and their teams by providing direct access to AWS email suppression lists within the MyCompliance application (registration and content notification emails – not phishing emails). This feature enhances transparency, streamlines processes, and enables proactive management of email deliverability issues. More info here 

We’ve extended the maximum delay between steps in a triggers campaign from 5 days to 30 days. This update allows admins to create longer campaigns, such as onboarding sequences or high-touch campaigns for users who require more guidance which are crucial for reinforcing training and improving compliance over time.

Additionally, the ‘preview’ function has been added to the first step of the campaign, allowing admins to easily review the content before it is deployed.

Admins now have the flexibility to delete fusion templates before they’ve been published. This enhancement allows for more control and reduces potential clutter from unused templates.

We’ve enhanced the user experience by giving Cyber Police a dedicated and prominent space in the ‘Not Typical eLearning’ tile on the Teams app homepage. This change not only makes the content easier to find but also encourages engagement with more dynamic, story-driven security training.

Problem – Admins were finding it difficult to manage reminder emails effectively due to the lack of flexibility over reminder frequency and timing. These limitations made it hard to align reminder systems with internal compliance standards and escalation processes, which is critical to managing human risk.

Solution – We are introducing enhanced customisation for reminder emails, providing you with full control over when and now, how often they are sent.  With this update, you can adjust reminder frequencies to weekly, bi-weekly or monthly. This flexibility allows you to align reminders with your organisation’s compliance criteria.

Value – Our admins understand the importance of timely, relevant reminders in driving compliance and reinforcing security behaviours. This update gives you the flexibility and control needed to optimise engagement with training programs that are crucial to reducing human risk.

We have introduced ISO 27001:2022 as a new category, allowing customers to assign policies and other content directly to the latest ISO standard. This ensures clear organisation and documentation of compliance efforts, which is critical during ISO audits. The ISO 27001:2013 category will remain available to support existing content. View more.

Features & Benefits:

• Up-to-date compliance: Align policies and content with latest ISO27001:2022, ensuring readiness for audits.
• Seamless integration: Easily assign, filter, and manage content like other standards (NIST, PCI DSS).
• Improved audit preparedness: Simplifies demonstrating compliance via the Category Overview Report, making audit processes faster and more effective.

Security leaders are increasingly concerned about how well their teams understand and retain critical security training. However, current reporting lacks insight into how many attempts it takes for users to successfully pass a course quiz. This lack of visibility makes it challenging to assess comprehension levels and identify potential human risks within the organisation.

We have introduced a new feature in the Fusion Course Analysis report that tracks the number of attempts users make to pass a quiz. This enhancement will provide administrators with deeper insights into user performance, allowing for more informed decision-making around training effectiveness and potential areas of vulnerability.

Features & Benefits:

• Detailed Attempt Tracking: Administrators can now see the exact number of attempts each user took to pass a quiz, providing a clear indicator of how well users are absorbing and retaining the training material.
• Integrated Reporting: This new data is seamlessly integrated into the Fusion Course Analysis report, displayed alongside quiz scores, making it easy to analyse performance without additional tools or steps.
• Custom and Embedded Quizzes: Whether it’s an embedded or a custom quiz, the number of attempts is tracked and reported, ensuring comprehensive coverage across all types.
• Actionable Insights: By understanding how many attempts are needed, admins can identify users or groups who may need additional support, helping to reduce human risk and improve overall security posture.

The ability to track quiz attempts provides a clearer picture of how effectively users are learning and retaining crucial security information. By leveraging these insights, you can tailor training initiatives, address potential weaknesses early on, and ultimately foster a more security-conscious culture within your organisation.

This feature addresses the need for a more modern and streamlined user interface by refreshing the design of the DACH Outlook Web App Plugin, including the logo and customer-facing messages or modals seen by end users when reporting emails. Implementing this feature leads to an improved user experience by providing a cleaner, fresher look throughout the button and all associated modals. By adopting this feature, organisations can benefit from a more cohesive and professional appearance, enhancing both usability and visual appeal for end users.

This feature addresses the limitations in learning experience content for multilingual phishing simulations by enabling the use of all types of Learning Experience formats beyond video.

By allowing admins to choose from a wider range of content types for their phishing simulation learning experience, this enhancement improves flexibility and caters to different learning preferences, leading to better comprehension and retention for users in multilingual environments.

Implementing this feature leads to a more tailored and effective approach to cybersecurity training across diverse linguistic groups.

By adopting this feature, businesses can achieve higher engagement and improved training outcomes in phishing simulations, ensuring a more robust defense against phishing attacks.

Some customers faced challenges when the original reporter decided to leave the organisation, incident ownership defaults to the administrator, with no option of reassign the incident to another individual. Also, the incident reporter was not visible across all our reports, which in turn took longer to track accountability.

Features:

We have added a new “Change Incident Reporter” option allows administrators to reassign incident ownership easily.

Additionally, we have enhanced the Incident Report and Summary views by adding the “Incident Reporter” to these reports. This provides clear visibility into who reported each incident across all our reports.

View more.

Benefits:

• Flexibility: Reassign incidents to the right person, ensuring accurate ownership.
• Clear Visibility: Quickly see who reported each incident without extra steps.
• Improved Management: Maintain context and streamline incident handling, even when reporters leave.

To help improve navigation, we have integrated the Assessment Creator and Assessment Reporting features as tiles directly onto the main Privacy Admin homepage and moved their positions on the left navigation panel.

Features & Benefits:

• Consistent Layout: Aligns with existing modules (Policy, Learning, Phish) for a unified user journey.
• Ease of Access: Reduces training time by making key features readily accessible.

This improvement helps streamline the user navigation and enables data protection & security teams to have quick access to some of the most used features.

This feature addresses the problem of only recording end user IP addresses when they complete the phish learning experience causing confusion and inconsistencies in phish reporting.

By updating the phish reporting mechanism to record IP addresses when users click on a phish instead of when they open a learning experience, this feature solves the problem by providing clear and consistent data throughout reports.

Implementing this feature leads to increased credibility and accuracy in phish reporting, as IP addresses will be reliably recorded during the phish interaction, and organisations can trust the data for dispute resolution.

By adopting this feature, businesses can achieve enhanced data integrity, driving overall growth and success through improved trust and reliability in phishing simulation results.

Manual interventions, routine tasks, and human error in processes all slow down human risk management initiatives and productivity on the platform.

MetaFlows is a dynamic rule-based engine that automates actions based on a set of predefined rules. It allows you to create custom rules for proactive responses and automated actions on the platform. This feature is designed to eliminate manual tasks, providing seamless automation tailored to your unique workflows.

1. Rule-Based Intelligence: Set custom rules for tailored automation to save you time.
2. Effortless Integration: Works with your existing modules.
3. Real-time Triggers: Immediate actions based on events to ensure timely risk remediation.
4. Scalability: Grows with your business needs.
5. Audit and Reporting: Track and optimises workflows easily to demonstrate proactive risk management.

MetaFlows boosts efficiency, cuts down manual work, and reduces errors in human risk management. It helps teams focus on strategic tasks and strengthens your security posture with smart automation.

How to set up MetaFlows: More information here

Introducing a new feature that allows admins to export all responses for one survey into excel.

Features:

1. Export Button: Clearly visible export button in the survey analysis report.
2. Excel Export Format: Exported Excel file containing structured data, including survey name, question number, question text, user details (if not anonymous), and response text.
3. Anonymity Respect: Ensures anonymous surveys do not include user-identifiable information.

Benefits:

1. Time Savings: Drastically reduces the time needed to review survey responses by enabling bulk data export.
2. Enhanced User Experience: Simplifies the process for admins, making data analysis more accessible and straightforward.
3. Data Analysis Support: Provides a structured format for survey data, facilitating deeper insights and more comprehensive analysis.

This new export feature is essential for improving awareness and managing human risk effectively within your organisation. By streamlining the data analysis process, it allows you to quickly identify trends from survey responses. This enables more informed decision-making and enhances the overall security posture.

Introducing a feature that sends the registration emails in users’ preferred languages. This enhancement ensures that all initial communications are compliant and comprehensible, improving the user experience and operational efficiency.

Features:

1. Pre-made Language Registration Emails: Access to 43 pre-translated registration email templates.
2. Customisable Templates: Ability to edit email templates to include logos and other customisations.
3. Automated Language Selection: Registration emails are sent automatically in the user’s preferred language if that information is populated.

Benefits:

1. Improved Efficiency: Eliminates the need for manual translation insertion, saving valuable admin time.
2. Enhanced User Experience: Users receive emails in their preferred language, improving comprehension and engagement.

By ensuring that registration emails are sent in the user’s preferred language, it fosters better communication and understanding, reducing the risk of misinterpretation and non-compliance.

More info here