[{"data":1,"prerenderedAt":127},["ShallowReactive",2],{"changelog-2026-05-04-risk-management":3,"changelog-2026-05-04-risk-management-surround":116},{"id":4,"title":5,"api":6,"authors":7,"body":13,"category":52,"date":53,"description":54,"extension":55,"features":56,"fixes":78,"highlight":6,"image":91,"improvements":93,"meta":110,"navigation":111,"path":112,"seo":113,"stem":114,"__hash__":115},"posts\u002F3.now\u002F2026-05-04-risk-management.md","Risk Management, My Focus, and Bulk Assignment",null,[8],{"name":9,"to":10,"avatar":11},"Justin Leapline","https:\u002F\u002Fwww.linkedin.com\u002Fin\u002Fjustinleapline\u002F",{"src":12},"\u002Fimages\u002Fjustinleapline.png",{"type":14,"value":15,"toc":48},"minimark",[16,20,23,26,29],[17,18,19],"p",{},"This release adds a full risk management module, a personalized My Focus view, and bulk assignment across the app.",[17,21,22],{},"Risk management ships as the first premium add-on module. Define risks and threats, map them to controls, run treatment and approval workflows, and track posture over time with the new attention queue and heatmap. Documented exceptions handle carve-outs from controls and policies with multi-approver sign-off, auto-rolling status, and expiry reminders. The SCF threats catalog is integrated out of the box.",[17,24,25],{},"My Focus is a new personalized page showing what's on your plate today — your tasks, issues, risks needing attention, and acceptances expiring within 60 days — with an all-caught-up empty state and a live count badge in the sidebar.",[17,27,28],{},"Bulk assignment lands as a single generic framework across assessment controls, tasks, issues, risks, and recurring tasks. Pick rows, set owner and due date, and recipients get one rolled-up notification per entity instead of a flood of per-row messages. Assessment controls now have a dedicated state hub with row-selection, an Assignees column, an Assignee filter, and a right-sidebar owner picker with realtime updates.",[30,31,32,36,39,42,45],"ul",{},[33,34,35],"li",{},"Module-based billing lets workspaces add risk as a paid add-on on top of the base compliance subscription",[33,37,38],{},"Risk Posture widget and new stat tiles (Open Risks, Acceptances Expiring) on the workspace dashboard when the risk module is active",[33,40,41],{},"AI chat now has conversation history with search and archive, plus new tools to create notes, navigate, update tasks in bulk, and suggest next steps",[33,43,44],{},"Shared prev\u002Fnext navigation with w\u002Fx keyboard shortcuts across risks, threats, exceptions, tasks, and issues",[33,46,47],{},"Compliance scoring view and docs-as-code groundwork for in-app documentation",{"title":49,"searchDepth":50,"depth":50,"links":51},"",2,[],"changelog","2026-05-04","A full risk management module with exceptions and module-based billing, a personalized My Focus view, and bulk control assignment with shared prev\u002Fnext navigation.","md",[57,60,63,66,69,72,75],{"label":58,"text":59},"Risk Management","New risk module with risk register, threats catalog, treatment workflow, attention queue, heatmap, and SCF threats integration",{"label":61,"text":62},"Exceptions","Documented carve-outs from controls and policies with multi-approver sign-off, auto-rolling status, and expiry windows",{"label":64,"text":65},"My Focus","Personalized \"what's on my plate\" page with my tasks, issues, risks needing attention, and acceptances expiring within 60 days",{"label":67,"text":68},"Bulk Assignment","Bulk-assign owners and due dates across assessment controls, tasks, issues, risks, and recurring tasks with rolled-up notifications",{"label":70,"text":71},"Modules Billing","Risk sold as a premium add-on on top of the base subscription, with in-app trial access and a unified manage-modules picker",{"label":73,"text":74},"AI Chat","Chat conversation history with search and archive, plus new tools for creating notes, navigating, updating tasks, and suggesting next steps",{"label":76,"text":77},"Dashboard","Risk Posture widget, Open Risks and Acceptances Expiring stat tiles, and a compliance scoring view",[79,82,85,88],{"label":80,"text":81},"Billing","isSubscribed now reads billing_status, billing endpoints are admin-gated server-side, and post-payment redirect lands on the workspace dashboard",{"label":83,"text":84},"Scopes","linkScope is idempotent to prevent duplicate junction inserts",{"label":86,"text":87},"Focus Mode","Prevent loading freeze when navigating into focus mode",{"label":89,"text":90},"Sentry","Suppress Supabase lock-steal AbortError and Nuxt build manifest fetch errors from error reporting",{"src":92},"\u002Fimages\u002Fchangelog\u002Frisk-management.jpg",[94,97,100,102,104,107],{"label":95,"text":96},"Notifications","Risk ownership and exception expiry alerts wired through email and Slack, with per-channel opt-out in settings",{"label":98,"text":99},"Navigation","Shared prev\u002Fnext navigation across risks, threats, exceptions, tasks, and issues with w\u002Fx keyboard shortcuts",{"label":86,"text":101},"Only my controls",{"label":83,"text":103},"Tasks now support multiple scopes per program via a new junction table, replacing the single-scope field",{"label":105,"text":106},"Reports","Compliance snapshot export replaced with a configurable report template, with aligned content widths",{"label":108,"text":109},"Background Jobs","Convert and embed jobs moved to Vercel cron pulling directly from pgmq queues for tighter scheduling",{},true,"\u002Fnow\u002F2026-05-04-risk-management",{"title":5,"description":54},"3.now\u002F2026-05-04-risk-management","K3Jg2FnsAfZtfFRbvCMKx2wiRfNNP1weQz2v-oKZYy4",[117,122],{"title":118,"path":119,"stem":120,"description":121,"children":-1},"Program Scopes & Assurance Tracking","\u002Fnow\u002F2026-03-17-program-scopes-assurance","3.now\u002F2026-03-17-program-scopes-assurance","Per-scope assurance tracking with control degradation measurement, assurance overrides with attestation, confidence snapshots, and billing overrides.",{"title":123,"path":124,"stem":125,"description":126,"children":-1},"AI Governance and Compliance: What Every SaaS Company Needs to Know","\u002Fnow\u002Fai-governance-compliance","3.now\u002Fai-governance-compliance","A practical guide to AI governance for SaaS companies – covering regulatory requirements, model documentation...",1778025270666]