What's New in MyCompliance

We have recently released Google Workspace User Provisioning which automates the onboarding and offboarding of users within the MyCompliance platform. This ensures accurate, up-to-date access control without the need for manual intervention.

Features & Benefits:

• Automated user provisioning & deactivation: Seamlessly add, update, or remove users as they join or leave.
• Reduced administrative overhead: Eliminates manual directory updates, freeing up valuable time.
• Real-time synchronisation: Immediate access control updates to minimise unauthorised access risks.
• Single sign-on integration: Secure logins using Google credentials, improving security and user experience.
• Google Groups & Departments: Ability to target Google Groups with content and report on the users assigned departments.

Why Use It?
Google Workspace User Provisioning automates user management, reducing errors and ensuring secure, up-to-date access control within MyCompliance.

We have now enabled admins to set up automated triggers that enrol new users into previously published courses based on specific conditions.

Features

1. Dynamic Course Enrollment via Triggers
   • Admins can configure rules to enroll new users in courses automatically once conditions are met.
   • Includes a dropdown that lists published (non-campaign) or new trigger courses, ensuring the content is current and applicable.

Benefits

• Maximised Utilisation of Existing Resources
  Ensures previously published courses continue to deliver value by targeting new learners.
• Improved Efficiency
  Saves time by automating user enrolment, eliminating the need for manual assignments.
• Enhanced Learning Coverage
  Guarantees that key risk management topics are consistently delivered to all relevant users.

More info here

We have introduced a new ‘Date of Last Connection’ column in the MetaEngage Clients Report. This update provides administrators with greater visibility into end users most recent connections with the metaengage client, making it easier to identify why some users have not yet received their content.

Admins can now customise the tiles displayed on the user homepage and the MyCompliance Teams App. This feature ensures users see only relevant modules, enhancing focus and engagement with key security and compliance tasks.

Features & Benefits:

• Seamless Experience Across Platforms: When modules are hidden on the homepage, they will also be hidden in the MyCompliance Teams App, providing a consistent and clutter-free experience across both platforms.
• Improved User Focus: By removing irrelevant modules, users can focus on the most critical tasks.

More info here

Buttons on policies will now be grouped into a drop-up menu when they exceed the available screen width. Users can effortlessly view and access all the options in a compact, user-friendly manner, regardless of the number of buttons.

With this enhancement, we address a usability gap, ensuring our PDF viewer meets expectations for accessibility and functionality.

Introducing an automated timing setting for long-term leave user statuses. Admins will now have the ability to set specific durations for long-term leave, ensuring that user statuses are automatically updated when the leave period ends. The system also provides the flexibility to keep users on indefinite long-term leave, with manual reactivation only when needed.

Features & Benefits:

• Automated Status Update: Admins can set a reactivation date for users on long-term leave, allowing the system to automatically update their status after the specified period, eliminating the need for manual follow-up.
• Flexible Leave Duration: Admins have the option to either set a specific leave period or keep the user in ‘long-term leave’ indefinitely, providing flexibility for different types of leave scenarios.

More information here

Localising the user interface & notifications of our MyCompliance Teams App ensures employees worldwide can clearly understand and engage with compliance tasks, reducing errors, boosting completion rates, and improving security awareness across the organisation.

Admins can now rearrange entire sections simply by dragging and dropping during the template creation phase. This eliminates the need to rebuild sections from scratch, saving valuable time and reducing admin workload.

Benefits:

• Streamlined Organisation: Quickly reorder sections without the hassle of recreating content.
• Time-Saving Efficiency: Focus on enhancing course quality rather than managing content structure.

This update simplifies course deployment, helping you build and launch courses more efficiently.

We’re excited to release Risk Score Insights, a new enhancement to the Employee Risk Score feature. This addition offers greater transparency into the user behaviour that is impacting their risk scores.

Key Features:

Administrator Updates

• Detailed Risk Insights: A new ‘View Insights’ button is accessible from the organisational and departmental risk charts for each user, providing admins with clarity on why risk scores are fluctuating.
• Addition of ‘Join Date’: Allows admins to easily identify why some users engagement levels could be low (such as new joiners).

End User Updates

• User Visibility: End users can now see what risk factors and content contribute to their score, with quick access to complete outstanding content to encourage them to reduce their score & increase engagement.
• Revisit Course Option: Users can see quizzes that they have performed poorly on and can revisit the course again to improve their knowledge in that area.
• Tips to Improve Scores: End users will be provided with information on how their scores are calculated along with top tips to help reduce their score.

This update enables admins to make informed decisions to help reduce risk and empowers employees to proactively manage their risk scores. Please see the following articles for more information:

• End User Risk Insights
• Admin Risk Insights

We have made some exciting new user experience enhancements to MetaEngage. These updates are only available on the MetaEngage v2 Client. More info here.

Here’s what’s new:

• Remind Me Later Button: Allowing users quickly snooze the client if they don’t have time to complete.
• Updated Snooze Text: Clearer messaging for users to understand what happens after they snooze the client.
• Enhanced Toast Notification: Displays outstanding content for completion and deadline when the content will ‘lock out’.

To take advantage of these updates, we recommend users restarting their machines (or scheduling a force restart) to ensure they are on the latest version of the client. These updates are only available for customers who have installed MetaEngage Client v2.

We have released a minor update to our privacy module to allow the renaming of the “System” section title across all of the privacy registers.

Benefits

• Clear, accurate labelling
• Improved register management
• Consistent updates across views and exports

Problem
Some customers only use the MyCompliance Teams App for completion of content. Therefore, end users lack visibility into their risk scores and this gap leaves employees unaware of their security risk to the organisation.

Solution
We have released a dedicated area within the MyCompliance Teams to display end users’ risk scores. This ensures immediate visibility without needing to access the platform directly. Risk Score will only be available for customers that have the ‘Admin & End User Dashboard’ enabled.

Features & Benefits

• Risk Score visible within MyCompliance Teams
• Seamless updates from the main platform
• Supports both light and dark modes

Global organisations often face challenges in delivering a seamless user experience and ensuring employees fully engage with compliance platforms and security tasks. Language barriers can hinder understanding of critical information, reduce engagement, and impact the effectiveness of training, policy reviews, and notifications.

To address this issue and improve engagement we have introduced the language bot on the homepage.

• Language Selection Icon: Users can now easily switch the language of the homepage and other pages, improving accessibility and engagement.
• Tailored User Experience: Employees will engage with content in their chosen language, boosting participation and adherence to compliance tasks.

These updates are available on the latest version of MyCompliance Teams App, v4.

We’ve redesigned the Company Edit page to enhance navigation and streamline the user experience, making it easier to manage settings. Key updates include:

• Improved Layout: A new side navigation panel for the Settings, Risk Score and Platform Customisation pages.
• Colour Theme Customisation: Now featuring smaller colour dots for theme selection, with an additional option to choose a theme layout.

These changes ensure smoother navigation and make configuring platform settings more intuitive.

The new Risk Score Customisation feature enables customers to adjust the weighting of key risk factors, including content completion, quiz performance, and phishing simulation interactions, to help ensure the scores better reflects the most critical risks to your organisation.

Key Benefits:

• Tailor risk scoring for a more accurate reflection of employee behaviour.
• Prioritise critical factors such as phishing simulations or training engagement.
• Make informed, data-driven decisions to mitigate insider threats and address knowledge gaps.

For more information, please view the following knowledge articles:

Guidance for customising Employee Risk Scores

Updates to Employee Risk Scores

Organisations had limited visibility into their email suppression lists within the MyCompliance platform, leading to challenges in ensuring that targeted content reaches the right audience. This lack of transparency increases the risk of non-compliant conversations.

We are introducing the Suppression List report, designed to empower security leaders and their teams by providing direct access to AWS email suppression lists within the MyCompliance application (registration and content notification emails – not phishing emails). This feature enhances transparency, streamlines processes, and enables proactive management of email deliverability issues. More info here 

We’ve extended the maximum delay between steps in a triggers campaign from 5 days to 30 days. This update allows admins to create longer campaigns, such as onboarding sequences or high-touch campaigns for users who require more guidance which are crucial for reinforcing training and improving compliance over time.

Additionally, the ‘preview’ function has been added to the first step of the campaign, allowing admins to easily review the content before it is deployed.

Admins now have the flexibility to delete fusion templates before they’ve been published. This enhancement allows for more control and reduces potential clutter from unused templates.

We’ve enhanced the user experience by giving Cyber Police a dedicated and prominent space in the ‘Not Typical eLearning’ tile on the Teams app homepage. This change not only makes the content easier to find but also encourages engagement with more dynamic, story-driven security training.

Problem – Admins were finding it difficult to manage reminder emails effectively due to the lack of flexibility over reminder frequency and timing. These limitations made it hard to align reminder systems with internal compliance standards and escalation processes, which is critical to managing human risk.

Solution – We are introducing enhanced customisation for reminder emails, providing you with full control over when and now, how often they are sent.  With this update, you can adjust reminder frequencies to weekly, bi-weekly or monthly. This flexibility allows you to align reminders with your organisation’s compliance criteria.

Value – Our admins understand the importance of timely, relevant reminders in driving compliance and reinforcing security behaviours. This update gives you the flexibility and control needed to optimise engagement with training programs that are crucial to reducing human risk.

We have introduced ISO 27001:2022 as a new category, allowing customers to assign policies and other content directly to the latest ISO standard. This ensures clear organisation and documentation of compliance efforts, which is critical during ISO audits. The ISO 27001:2013 category will remain available to support existing content. View more.

Features & Benefits:

• Up-to-date compliance: Align policies and content with latest ISO27001:2022, ensuring readiness for audits.
• Seamless integration: Easily assign, filter, and manage content like other standards (NIST, PCI DSS).
• Improved audit preparedness: Simplifies demonstrating compliance via the Category Overview Report, making audit processes faster and more effective.

Security leaders are increasingly concerned about how well their teams understand and retain critical security training. However, current reporting lacks insight into how many attempts it takes for users to successfully pass a course quiz. This lack of visibility makes it challenging to assess comprehension levels and identify potential human risks within the organisation.

We have introduced a new feature in the Fusion Course Analysis report that tracks the number of attempts users make to pass a quiz. This enhancement will provide administrators with deeper insights into user performance, allowing for more informed decision-making around training effectiveness and potential areas of vulnerability.

Features & Benefits:

• Detailed Attempt Tracking: Administrators can now see the exact number of attempts each user took to pass a quiz, providing a clear indicator of how well users are absorbing and retaining the training material.
• Integrated Reporting: This new data is seamlessly integrated into the Fusion Course Analysis report, displayed alongside quiz scores, making it easy to analyse performance without additional tools or steps.
• Custom and Embedded Quizzes: Whether it’s an embedded or a custom quiz, the number of attempts is tracked and reported, ensuring comprehensive coverage across all types.
• Actionable Insights: By understanding how many attempts are needed, admins can identify users or groups who may need additional support, helping to reduce human risk and improve overall security posture.

The ability to track quiz attempts provides a clearer picture of how effectively users are learning and retaining crucial security information. By leveraging these insights, you can tailor training initiatives, address potential weaknesses early on, and ultimately foster a more security-conscious culture within your organisation.

This feature addresses the need for a more modern and streamlined user interface by refreshing the design of the DACH Outlook Web App Plugin, including the logo and customer-facing messages or modals seen by end users when reporting emails. Implementing this feature leads to an improved user experience by providing a cleaner, fresher look throughout the button and all associated modals. By adopting this feature, organisations can benefit from a more cohesive and professional appearance, enhancing both usability and visual appeal for end users.

This feature addresses the limitations in learning experience content for multilingual phishing simulations by enabling the use of all types of Learning Experience formats beyond video.

By allowing admins to choose from a wider range of content types for their phishing simulation learning experience, this enhancement improves flexibility and caters to different learning preferences, leading to better comprehension and retention for users in multilingual environments.

Implementing this feature leads to a more tailored and effective approach to cybersecurity training across diverse linguistic groups.

By adopting this feature, businesses can achieve higher engagement and improved training outcomes in phishing simulations, ensuring a more robust defense against phishing attacks.

Some customers faced challenges when the original reporter decided to leave the organisation, incident ownership defaults to the administrator, with no option of reassign the incident to another individual. Also, the incident reporter was not visible across all our reports, which in turn took longer to track accountability.

Features:

We have added a new “Change Incident Reporter” option allows administrators to reassign incident ownership easily.

Additionally, we have enhanced the Incident Report and Summary views by adding the “Incident Reporter” to these reports. This provides clear visibility into who reported each incident across all our reports.

View more.

Benefits:

• Flexibility: Reassign incidents to the right person, ensuring accurate ownership.
• Clear Visibility: Quickly see who reported each incident without extra steps.
• Improved Management: Maintain context and streamline incident handling, even when reporters leave.