Release: May 10th 2022
Build: 4.1.0.11038 (on-premise), 4.1.0.10236 (on the cloud)
Install ID: sw410

Installation Instructions (note: Cloud edition is upgraded automatically) 

1. Some enhancements to the look-and-feel, including transition animations for forms and menus. (No UI changes that would require re-training staff).
2. All system forms can now be customized (Enterprise Edition only). Including, for example, the Incident report, Tasks, Tickets, article Metadata and the Asset forms. You can add new fields or hide existing fields to almost all the forms in the system. These new fields are displayed on the screen and added into the database so you can search for them, query them using the API and export them for reporting.
3. Checklists can now store data centrally, in custom lists (tables), where you can store data:
   1. Checklists can now feed form-entered data into a centralized custom list, each checklist submission going into its own record. This is specified in the Settings of the page, under "Checklist Custom List". That list of records can then be searched and exported to Excel for analysis, and can be further customized (changing the order of columns etc.).
   2. A new checklist form field type, "Edit Custom List Record", lets you choose an existing record in the associated custom list for editing. Once all checklist items on the page are complete, the updates to the record will be applied. This lets you have one checklist that creates a record, and another set of pages that have workflow for updating that record - for example vendor or customer records.
   3. Access permissions can be set on the lists so they can only be accessed by specified groups.
   4. Going to a custom list or record in a custom list will display a link to the articles that create or update those records through respective checklists. This is to help users access additional workflow actions for each entry.
4. In the Settings form of an article, you can now set a user group ("Checklist Viewer Group") who will always be able to see all checklist submissions for that article. Users who are in that group will be able to see all filled-out checklists, even if they are marked as private. 
5. If you subscribe to a page to receive checklist updates, you will now be notified even for private checklists that you have permission to view (are in the selected Checklist User Group).
6. An administrator can now subscribe to (or unsubscribe from) pages on behalf of other users.
7. You can now schedule checklists so they are assigned and repeat at a specific frequency. You can set this up in the Send To action on an article that has checklists, and manage it in the "Scheduled Checklists" area under an article. This is especially useful for scheduling regular inspections, as it will then send out emails to remind the user to perform the inspection checklist, and record the data in a list.
8. Checklist form fields that have the same name for a field in a different checklist entry will now pre-populate with information previously entered.
9. Checklist forms submissions can now be given a custom title based on the data entered in the form. Previously the name would be something like "Checklist DD/MM/YY created by XXX". You can now set fields in a form to be used as a title, and the value put into that field will then transfer into the title that you see in the checklist submission list.
10. When creating a checklist form, you can now have a checklist entry assign to the selected asset's "asset supervisor" user, presuming an asset is selected in one of the forms. This lets you get approval for asset related forms, for example, from the user assigned to manage that particular asset (or the supervisor set on a parent asset).
11. There is a new report "Export Checklist Data" that can be run from any article, in Explore mode. It will export any (accessible) data entered into checklists on that page in tabular format that you can copy and paste into Excel for further analysis. You can also create a live link of the data to an existing spreadsheet using the Excel Query feature. (an alternative to this is to use the Custom List feature, and export that to a spreadsheet instead).
12. Tasks can now have categories assigned (from a user-defined list). And an additional report, "Pending Tasks By Category", lets you see all open tasks for a specific category across the entire system (or filtered by department). 
13. Changes to acknowledgements (attestations):
    1. You can now create acknowledgement (attestation) groups
       1. Allows you to put multiple articles into a group and send them all out for acknowledgement at the same time.
       2. Lets you schedule attestation frequency for groups of users. It will then ensure that acknowledgement requests (attestations) are sent to those users at the given frequency.
       3. Report (and link) called "Attestation Group Status" will show the status of all the articles and user attestation requests, including whether each user has responded yet.
       4. You can use this to maintain staff re-certifications also
    2. When sending an Acknowledgement Request, you can now specify how frequently to maintain it, and it will automatically create an attestation group for you.
    3. You can now customize the attestation message that is displayed in the "Acknowledge" form. This is specified in the Metadata link, in the Settings page when editing an article. It can be set differently for each article. If blank, the default attestation message is displayed. 
    4. A new report "Acknowledgements Summary" will display a list of all articles in the system where acknowledgement (attestation) requests have been sent, and will show just the number of users that the request was sent to, and the number who have responded.
    5. When performing an Acknowledgement (attestation) on an article that contains sub-articles, it will now check that you have read the sub-articles before allowing you to submit the acknowledgement. (only if Record Views is enabled in Configuration)
    6. When sending an Acknowledgement Request, you can now request for the user to complete the checklist on the page before they are able to submit the acknowledgement. This can be useful for requesting specific information from them related to the page, for example providing any conflicts of interest when attesting to a Conflict of Interest Policy. 
    7. Acknowledgement requests sent to users who already have a pending acknowledgement will not send a message to that user, but instead update the date of their pending acknowledgement to the date of the action.
    8. The Acknowledgements report now shows the Sent date (the date the acknowledgement/attestation was sent), rather than the Updated date. 
14. The system now warns you if you create an article with the same title as an article elsewhere in the system. It will also provide a link to the existing article.
15. There is a new "Invite User" action available for admins (on the User tab), where you can specify the name and email address of a user to invite to the system. It will create a login and temporary password for them, and email them instructions to access the system. The user is created with minimum privileges. 
16. When submitting an incident report, it now indicates at the top of the form who the incident report will be sent to, for confidentiality reasons and in order to ensure the receiving party is not someone who was involved in the incident.
17. When editing, to insert a # symbol without it being a hashtag, you can now use # - once published it will appear as a single hash symbol and not a link.
18. The Assets tab now has a Check Out / Check In action for recording the usage of assets, a Reserve button to get prior approval for checking out an asset, and a Log button to record a log of how the asset was used. 
19. You can now move articles that are in draft and not published. Previously you could only move them after they were first published.
20. Some of the sample policies now automatically install risk register entries to track, detailing the risk that the policy would ordinarily mitigate.
21. When implementing compliance objective suggestions (by following the prompts), if the policy has previously been downloaded, it will now link to the existing policy rather than download it again.
22. Removing an article when in draft now gives instructions on canceling the draft first. Previously the Remove option was hidden when an article was in draft.
23. Policy Review and Expiration can now be set for multiple articles at the same time using the Admin Functions / Set Policy Expiration/Review action.
24. Review and Expiry tasks no longer email out individually, they now send out through the daily aggregated assignment email only. 
25. You can now multi-select users (on the Users tab) and add those users to a specified user group (Admin only).
26. There is an "Import Users From Spreadsheet" action on a User Group now, available only to admins, that lets you import a list of users from a spreadsheet to add to a specific user group.
27. Added Incident Report response types of Containment and Recovery, as per CMMC regulatory requirements.
28. A scheduled repeating task will now update the Due By date for the next period (in addition to the scheduled date).
29. A Policy Review will now be considered late only if it has passed the due-by date, if specified. Otherwise it will be considered late immediately after it is scheduled.
30. The API functions now include the ability to ignore warnings. The warnings are specified in the URL with the parameter igwarn. It multiple warnings are specified to ignore, they should each by separated by a pipe ("|") character. The values should be URL encoded.
31. Fixed an issue introduced in the last release where the menu in the navigator would pop-up off screen if you open it near the bottom of the page.
32. Fixed an issue where new acknowledgement requests (attestation) would overwrite previous acknowledgement requests. They are now always added into one list to retain the whole history. Pending acknowledgements are canceled and replaced with a new acknowledgement if it's the same user.
33. Fixed an issue when creating a ticket where users could invite other emails to the ticket and this would create a login for the user (with lowest permissions).
34. Fixed an issue where the policy expiration/review would not always show on the Stats page
35. Fixed an issue where the compliance evidence linked to a risk mitigation would not always pick up the fact it was mitigated.
36. Fixed an issue with viewing key results for objectives (checklists).
37. Fixed an issue where assets could not be viewed by some wiki managers because of an intermittent permissions issue.
38. Fixed an issue with an error for approval on the Compliance tab, if a risk analyst user deleted a compliance framework without admin rights.
39. Fixed an issue where repeating scheduled tasks would not properly set the new date in certain conditions.
40. The "Article Info" tab in Explore mode under a page is now called "Admin Functions" and is hidden unless you are an admin. This section now contains buttons to access various administrator functions.
41. Fixed an issue with installing sample articles, where a blank form would sometimes appear right after downloading.
42. Fixed an issue where expiring compliance evidences would not be marked invalid automatically. 
43. Fixed an issue where in a rare situation the search index would not be initialized at startup.
44. Fixed an issue where short names of checklist form fields were allowed to have spaces in, which would break submitting the form. We now show an error if you attempt to specify an invalid short name.
45. Fixed an occasional issue with installing sample articles where additional empty articles would sometimes appear after downloading.
46. Fixed an issue with multi-selecting items in a sub-tab while in explore mode, where it would switch tabs in certain circumstances.
47. Fixed an issue where the Quiz tab would break when downloading certain sample policies.
48. Fixed an issue where quizzes downloaded from policies in the sample library would not work under certain conditions.
49. Fixed a layout issue with the Safari browser on a Mac, which showed up when the zoom level was set to < 100%.
50. Fixed a performance issue when thousands of assignments were pending (eg. undergoing several compliance audits at once).
51. Fixed an issue where many acknowledgements (attestations) are sent at once, it would not always recognize the percentage of complete attestations for risk and compliance purposes. Also fixed a timeout issue with many acknowledgements that affected certain email servers.
52. Fixed an issue with the Article Access By Date report where it would throw an error in certain circumstances.
53. Fixed several security issues (request for details) and general performance enhancements to improve responsiveness and scalability.