Totem Technologies is excited to share the latest features and updates now included in version 4.6 of our Totem™ Cybersecurity Compliance Management tool! Significant updates were made to areas such as ISO controls, POA&M, and other bug fixes. These updates will allow for a smoother compliance management process. All subscribers have been upgraded to version 4.6 and can enjoy the latest features right away. If you’d like to try Totem™ out for yourself, you can request a free trial at the end of this post.
Updated ISO 27001:2022 controls
The most significant improvement to the tool includes the 2022 update to the ISO 27001 standard. Although several controls have remained unaltered, others have been combined, modified, and 11 fresh controls have been introduced. As a result, the total number of controls has decreased from 114 to 93, distributed across 4 categories. However, while the total number of controls has decreased, the associated objectives across all controls has ballooned to over 1000, which is now reflected in the tool.
All subscribers, including those pursuing CMMC, have access to the ISO 27001 framework at no additional cost. Users can easily toggle between frameworks on the Manage page.
Organizations addressing their compliance with ISO 27001 will enjoy the same benefits in the tool as they do when addressing CMMC, including conducting an assessment against the controls framework, performing a qualitative risk assessment, constructing a POA&M and other related policies, and completing corrective actions.
Updates to POA&M
When creating a Corrective Action Plan (CAP) and assigning deficient organization actions (OA) to a CAP, users now can see the OA information text in close proximity to the OA identifiers. By improving the visibility and accessibility of these details, this enhancement allows users to access relevant information more easily.
Additionally, users will no longer encounter nondescript errors when entering CAP titles that exceed 255 characters.
Other Improvements
In addition to general security improvements and bug fixes, other improvements introduced in the 4.6 updates of the Totem™ tool include:
- The text limit for the CUI Inventory lifecycle has been expanded to 2048 characters. This provides users with ample space to accurately document and track the lifecycle of CUI items
- Policy page export now preserves newlines
- Inserting an erroneous date in the CAP creation field now triggers an error notification
- Previously, when users accidentally entered an incorrect search term, organizations would temporarily disappear until a page refresh was performed. This will no longer be an issue as organizations will no longer vanish from view due to mistyped search queries.
We have worked hard to create the necessary security updates included in the release of our 4.6 software update, and hope that you will benefit from them.
-The Totem Team