Table of Contents
Summary
Welcome to the May release! This month's updates improve visibility, efficiency, and control across assessments, source selection, reporting, and integrations. Below you'll find detailed updates by section.
Click the play button below (in the upper right corner) for a quick demo of these improvements!
🔍 Assess
Vendor Summary
-
*Bulk Actions*
You can now apply bulk actions—such as flagging or changing compliance—directly from the Vendor Summary. Once one or more questions are selected, a bulk action bar appears with context-aware options, saving time and reducing repetitive work. Learn more. -
New Compliance Type: Acceptable
A new "Acceptable" compliance option is available in Vendor Summary. This allows reviewers to mark informational responses (e.g., company name, location, description) in a way that separates them from traditional compliance scoring. Questions given Acceptable compliance will not affect scoring (ie. not positive or negative). Learn more. -
Labels for Unknown vs. Needs Review
The Vendor Summary interface now clearly differentiates between "Unknown" (AI could not answer) and "Needs Review" (requires human compliance review) using distinct labels and colors. This helps prioritize which responses need attention. Learn more. -
Framework Access Moved
The "More Info" dialog containing the Vendor Summary Framework has been relocated to the header directly above the summary, making it faster to access without switching views. -
Enhanced Filtering by Column
Filters for Question ID, Control ID, Compliance, Confidence, and Question Text are now available at the top of each column. These filters are cumulative and tailored to the content type, making it easier to isolate specific information. Learn more.
Other Whistic AI (formerly Copilot) Workflow Updates
Step 1 - Collect
-
SOC 2 Summaries Excluded from Existing Sources
SOC 2 Summaries are no longer shown in the "Select Sources to Assess" modal. We suggest you start with a new SOC 2 and run a fresh Summary if needed. -
Previously Assessed Filter
The "Previously Assessed" filter in the Existing Sources modal now includes a more descriptive label, helping users avoid selecting outdated or already-reviewed sources. -
Duplicate Sources Hidden
Duplicate sources (same name, size, date) are now hidden from the source selection view. If one version requires approval and another does not, only the accessible version is shown—reducing confusion and helping users select the best version.
Step 2 - Review
-
SOC Summary Notification Links Updated
SOC Summary completion alerts in the Notification Center now link directly to the SOC Summary view within the proper assessment. -
Label for Sources attached to a Questionnaire
Files attached via questionnaires are now labeled in the assessment to show they were added through a questionnaire submission. -
Show Issues During Workflow
If Issues were created during an assessment, a new button appears at the top of the assessment with the total count. Selecting will open a filtered view for that assessment. -
Condensed Assessment Header
To reduce visual clutter, the Assessment Name now appears on the same line as the Company Name. The expand/collapse header functionality has been removed for a more focused layout. -
Improved Issue Creation Button During Review
The button to create an Issue from a questionnaire review is now more prominent and easier to find, eliminating confusion for users performing manual reviews.
Step 3 - Finalize
-
Add Follow-Ups
Follow-up reminders can now be scheduled from the Finalize step of the assessment process. These reminders are also manageable from the Vendor Details page. -
Item Count Indicators
On the Finalize page, each reporting tab now displays the number of items it contains, giving reviewers quicker visibility into content. -
Executive Summary Character Limit Increased
The Executive Summary field now supports significantly more characters, allowing for extended summaries without worrying about text being cut off.
🛡️ Trust Center (Formally Whistic Profile)
*Chrome Plugin: Scan Web Page for Questions*
A new "Scan for Questions" button has been added to the Chrome Plugin. It automatically:
- Scans the current webpage for question-like text
- Uses Smart Search to retrieve answers from your sources
- Injects those answers next to the questions on the page
This feature improves speed and efficiency when responding to questionnaires within third-party vendor risk portals. Learn more.
Email Verification for Public Trust Center Requests
Users requesting access to a shared public trust center must now verify their email before the request is completed. This adds an additional layer of security and prevents unauthorized access. Learn more.
⚙️ Platform
Web Sources: Source Visibility
Vendor Summaries now indicate when a Web Source was used to answer a question, offering greater transparency into how summaries are generated.
📋 Content Updates
Australian Privacy Principles Questionnaire
A new questionnaire is available for organizations that operate in Australia or handle personal data from Australian citizens. Designed with the Australian Privacy Principles (APPs) in mind, this content is particularly relevant to companies with annual turnover exceeding $3 million. Learn more in your Questionnaires menu.
These updates are now live! As always, thank you for choosing Whistic!