Risk Management, My Focus, and Bulk Assignment

This release adds a full risk management module, a personalized My Focus view, and bulk assignment across the app.

Risk management ships as the first premium add-on module. Define risks and threats, map them to controls, run treatment and approval workflows, and track posture over time with the new attention queue and heatmap. Documented exceptions handle carve-outs from controls and policies with multi-approver sign-off, auto-rolling status, and expiry reminders. The SCF threats catalog is integrated out of the box.

My Focus is a new personalized page showing what's on your plate today — your tasks, issues, risks needing attention, and acceptances expiring within 60 days — with an all-caught-up empty state and a live count badge in the sidebar.

Bulk assignment lands as a single generic framework across assessment controls, tasks, issues, risks, and recurring tasks. Pick rows, set owner and due date, and recipients get one rolled-up notification per entity instead of a flood of per-row messages. Assessment controls now have a dedicated state hub with row-selection, an Assignees column, an Assignee filter, and a right-sidebar owner picker with realtime updates.

• Module-based billing lets workspaces add risk as a paid add-on on top of the base compliance subscription
• Risk Posture widget and new stat tiles (Open Risks, Acceptances Expiring) on the workspace dashboard when the risk module is active
• AI chat now has conversation history with search and archive, plus new tools to create notes, navigate, update tasks in bulk, and suggest next steps
• Shared prev/next navigation with w/x keyboard shortcuts across risks, threats, exceptions, tasks, and issues
• Compliance scoring view and docs-as-code groundwork for in-app documentation