Release Notes
Version 4.3.4
The following bugs have been fixed in this release
[BCW-10316] Two active versions for the same risk/control in the system
Version 4.3.3
The following bugs have been fixed in this release
[BCW-10171] Action management catalogue fails to filter by users that have a forward slash in their name
[BCW-10180] In case of many risks/control-versions the excel export may run into a timeout exception
[BCW-10219] Wrong facet name on German UI
Version 4.3.2
The following bugs have been fixed in this release
[BCW-10093] Heavy load on the system may lead to empty drop-down values inside forms
[BCW-10094] IKS Matrix report doesn’t show the obsolete controls
[BCW-10101] Risk Catalogue and Control Catalogue show wrong numbers of entries
[BCW-10107] Automated workflow starts are triggered for “on demand”/”occasionally” interval if the corresponding date is set
[BCW-10108] Apigateway timeout makes not possible to download the IKS Matrix
Version 4.3.1
The following bugs have been fixed in this release
[BCW-9972] Risks and Controls imported from BPD do not show their correct status in BPC after depublishing
[BCW-9974] The 2nd Context Subcategory is not shown properly in Risk Details in certain scenarios
[BCW-9984] In some cases not all data gets removed properly when a tenant cleanup is triggered
[BCW-10046] Cleanup Tenant and Delete Tenant features may fail due to a request timeout
[BCW-10091] Error handling obsolete flag in forms
Version 4.3.0
New features
The Risk Catalogue now contain two additional columns and corresponding filter facets which make it easier to distinguish the risks. They allow to filter them by its connected activity or the diagram, where the risk was imported from. This improvement is part of the standard-configuration of BIC Process Control. Customers who has an individual configuration of the table columns and filter facets of the Risk Catalogue keep their existing one. Some of them may already have this option in their individual configuration.
Most of the main views received an improvement in its loading behavior.
The connector got a big performance improvement especially for large diagrams.
The following bugs have been fixed in this release
[BCW-9548] Wrong access rights on forms folder in the docker-client may break loading a form
[BCW-9565] Missing log information in case a task delegation fails
[BCW-9654] System may not be able to delete a risk/control-version when its retention period ends
[BCW-9656] Wrong message shown in the system in case of updating an user with an already existing account
[BCW-9730] When filtering the users in the User Management, the user counter is not updated
[BCW-9751] Small issue in German online help
[BCW-9853] Connector log is printing the whole diagram data in “DEBUG” log level
[BCW-9858] In case the “obsolete” state of risks/controls is managed by BIC Design, BIC Process Control may duplicate them
[BCW-9859] Obsolete risk shown as Not Approved after depublishing a diagram from BPD
[BCW-9861] Link to risk context missing in risk details
[BCW-9869] Wrong color-scheme for connector activation-switch in tenant administration
[BCW-9870] Properties of risks/controls based on drop-downs are shown in the wrong language inside exports
[BCW-9880] Calendar shown partially when selecting a new task due date
[BCW-9920] Loading indicator bar disappears directly after triggering something (for example an excel export)
[BCW-9921] Missleading initial Message visible in Group Management and User management when loading a larger amount of entries
[BCW-9959] Wrong search results inside the task search when entering a search term
[BCW-9967] Misleading error message in case a bulk delegation of tasks fails
[BCW-9976] Import of advanced connector configuration in the tenant administration fails
Version 4.2.2
The following bugs have been fixed in this release
[BCW-9844] Large diagrams lead to a very high load in the connector and slow down the whole application for users
Version 4.2.1
The following bugs have been fixed in this release
[BCW-9568] The initial calculation of a next-date (Risk Assessment etc.) in the connector shows the same day as result in case the fallback interval is set to one day
[BCW-9708] Wrong behavior of facets in case a facet value contains special characters
[BCW-9735] Spring Boot Admin is restarting many times
[BCW-9750] Task links in the daily notification are not shown for users belonging to a default tenant.
[BCW-9797] Duplicated users in the user management section
[BCW-9803] Task delegation e-mail does not contain link to the task
[BCW-9805] The Connector fails to write back to BIC Process Design
[BCW-9854] Selecting next test of design date inside “Test Of Design” workflow does not consider the corresponding interval as upper limit
Version 4.2.0
New features
BIC Process Control received a redesign focusing on how the application is shown on mobile devices.
As part of this redesign, the tables views inside catalogues got their own kind of visualization for mobile devices. Instead of showing a table, the view shows its entries similar to the already known task lists.
“MyBIC” and “Profile” views were also slightly redesigned in general.
In task lists like Search or My Tasks it is now easier to distinguish between completed and active tasks.
If a task is delegated in one of the task lists, the task will directly show the newly assigned owner of the task.
The following bugs have been fixed in this release
[BCW-9225] BIC Design Connector - The section of Data transfer language in the details of risks and controls is not showing below to Risk/Control Responsible
[BCW-9242] BIC Design Connector - If a risk is set to obsolete in BPD and the obsolete flag is part of the import mapping, connected controls are not set to obsolete as well
[BCW-9291] Tenant administration - Inside the tenant overview, longer contact adresses cover the date of registration column
[BCW-9374] BIC Design Connector - Risks and controls marked as obsolete in BIC Process Design are not being transferred to BIC Process Control
[BCW-9412] Export of Action Management Catalogue may fail because of missing data
[BCW-9446] The system fail to identify the newest version of a customized form
[BCW-9550] Wrong health check configuration for email service
[BCW-9599] BIC Design Connector - The version comparison do not consider the grc owned fields properly
[BCW-9600] BIC Design Connector - Missing new risk/control version in BPC when it is removed from the BPD diagram
[BCW-9601] BIC Design Connector - Multivalued attributes produce wrong log entries when the connector process the diagram data
[BCW-9603] BIC Design Connector - Synchronization feature is not working as expected
[BCW-9631] Rendering of risk details or control details fails in case the form definition contains field which does not exist inside the object data
[BCW-9632] BIC Design Connector - Version comparison of risks/controls may ignore specific fields which may prevent the connector from updating the risk/control
[BCW-9639] Error parsing dates when the retention period scheduler is executed
[BCW-9643] Wrong configuration of the retention period scheduler job
[BCW-9645] Rendering of forms containing checkbox attributes may fail and shows a partial form as result
[BCW-9651] Wrong tooltip when hovering user entries in task lists, forms or filter facets
[BCW-9655] In case the system fails to handle the retention date, the log message shows to much information
[BCW-9657] User deletion is not be possible even if the user is not used actively in tasks and risks/controls anymore
[BCW-9706] Wrong behavior when updating the accepted repositories for an existing connector configuration
[BCW-9718] Incomplete data when loading forms with dependent fields
[BCW-9727] Filter facets are not available inside catalogues on mobile devices
[BCW-9731] System may not be able to remove tasks when retention period date ends
[BCW-9736] Active tasks are being deleted for those risks/controls version whose retention date has passed
[BCW-9742] Error when deleting a tenant from the tenant administration
[BCW-9743] Error when delegating task from the audit trail view
Version 4.1.5
The following bugs have been fixed in this release
[BCW-9369] In some cases there are problems to handle the state of case documents (entries of the Action Management Catalogue)
[BCW-9371] Missing support of checkbox fields inside case documents (=entries in the Action Management Catalogue)
[BCW-9372] Daily mail notification gets maybe interrupted in case of unexpected exceptions during the “is tenant active check”
[BCW-9376] Wrong style inside the excel template of the Risk-Control-Matrix
[BCW-9377] Risk-Control-Matrix shows the wrong content as risk context
[BCW-9381] An unexpected error can interrupt an indexation run of tasks/process instances
[BCW-9431] Wrong behavior when clicking on the company logo inside the sidenav
[BCW-9522] Retention period feature may be interrupted in case of any unexpected error
[BCW-9551] Periodic database backups store more backup files in the system than expected
[BCW-9559] Risks and controls reindexation process fails when having much data
[BCW-9569] Automated database backup is not functional
Version 4.1.4
The following bugs have been fixed in this release
[BCW-9445] System can fail to identify the newest version of a customized workflow
Version 4.1.3
The following bugs have been fixed in this release
[BCW-9379] Implement a retry mechanism in the risk and controls reindex process to make it more resilient
Version 4.1.2
The following bugs have been fixed in this release
[BCW-9292] Logs of the Connector only show a timestamp instead of date and time information
[BCW-9308] Wrong users creation in different tenants
[BCW-9354] Wrong services versions in releases v4.1.0 and v4.1.1
[BCW-9355] Number of matching hits wrong in the AM catalogue facet values
Version 4.1.1
The following bugs have been fixed in this release
[BCW-9113] Missing information inside the logs regarding email notifications.
[BCW-9233] Missing information inside the log files in case of problems when the workflows automation start.
[BCW-9250] Missleading log messages during the automated workflow start.
[BCW-9252] BIC Design Connector: the version comparison do not consider the tenant specific grc owned fields properly.
[BCW-9257] Rebuild of the case document index may fail in case of unexcpected errors.
[BCW-9266] Admin bulk operations inside the search only affect to 20 entries instead of to all the selected entries.
[BCW-9267] The task export sometimes misses the creation date of process instances or shows unexpected values for it.
[BCW-9270] Uncomplete explanation of the introduction of the retention period feature inside the upgrade notes.
[BCW-9272] Automated email notifications may get stuck in case of invalid recipients.
[BCW-9274] System requirements refer to a docker-compose version which is no longer supported by BIC Process Control.
[BCW-9275] Tenant Administration: When you create a new tenant in the administration panel, with differents inputs in the fields: “Name”, “Subdomain” and “ID”, this tenant hasn´t access to BPC.
[BCW-9288] Participants cannot access properly to risks/controls catalogue different views in case of the risk/control has group assignments.
Version 4.1.0
New features
Imported controls from BIC Process Design now offer a similar deep-link to its diagram, like it is already available for risks. Like the existing “Link to Risk Context” for risks, the control details now have a property “Link to Control Context”. When you click on the link, you will navigate into the published diagram where the control comes from and the control will be selected.
Whenever a process is started automatically (Risk Assessment, Test of Completeness, Test of Design, Test of Effectiveness, Performance of Control) based on its corresponding “Next date of…” property, in addition to the updated risk / control in BIC Process Control, the risk / control will be updated in BIC Process Design as well.
The Action Management Catalogue can now be filtered by the Corrective Action property.
Administrators can now execute bulk operations inside the search view. They can do a bulk task delegation or a bulk process cancellation based on all tasks that match the the search term and the selected filter criteria. Especially the bulk task delegation will be very handy when user changes their roles in the company or must be replaced for other reasons. Bulk operations will only affect active tasks.
For archived versions of risks and controls, BIC Process Control now manages a retention period. Inside the Archive section administrators can define the retention period for risks and controls separately. Whenever a risk or control gets updated, the former “active” version will now count as archived and will be updated with the currently defined “Retention period” and based on this a calculated “Retention date”. The details view of each archived version contains a new section “Archive” that shows both new properties.
- The new UI-design, introduced in version 4, received some further improvements.
The Audit trail is now updated
And we improved in general how users and user groups are visualized. On task cards, catalogue entries and the audit trail, users are now shown like this
and user groups like this 
.
The following bugs have been fixed in this release
[BCW-9243] Missing or wrong memory configuration on some services
[BCW-9240] Change of technical identifiers regarding ToC properties was not propagated properly in the connector configuration
[BCW-9224] Wrong behavior when accessing the system without subdomain in case a default tenant is specified
[BCW-9223] Missleading error message when the system try to find active process instances during the automated workflow start
[BCW-9220] Daily email notifications are not being sent to the users
[BCW-9219] Warning messages in API-Gateway because of the existing timeout configuration
[BCW-9195] When using a customer specific primary CI color, in some cases disabled buttons shows a wrong style
[BCW-9189] BIC Process Design Connector - checkbox attributes are handled differently compared to checkboxes inside forms which leads to unwanted object versions
[BCW-9187] PDF version of online help still shows the old product name in the cover page
[BCW-9174] Manual user creation fails, if the system cannot send the reset password mail
[BCW-9172] Small visual deviation on task cards when a task has a long name and the user hovers the task
[BCW-9116] Generated dates within the connector do not follow ISO standard properly
[BCW-9109] Redundant explanation of pending tasks inside the online help
[BCW-9102] BIC Process Design Connector - The risk description is not imported properly
[BCW-9100] Wrong alignment of divider-line of tabs inside the center area
[BCW-9097] Registration of controls workflow is not creating the corresponding tasks
[BCW-9094] Missing logfile access in Spring Boot Admin service for the workflow service
[BCW-9092] Date fields are not properly shown inside the Control Catalogue and its history for imported controls
[BCW-9091] BIC Process Design Connector - In case of a diagram depublication, the active versions of risks/controls are set to “obsolete” instead of creating a new version containing the obsolete state
[BCW-9070] Menu highlighting of the entry Running Processes in the sidenav disappears when switching to “My processes” or “Delegated tasks” tab
[BCW-9065] Small visual deviation in some views - The header of the right “options” panel is not exactly aligned with the header in the center-page
[BCW-9056] Missing information in the logs in case the connector cannot resolve a drop-down value during the import
[BCW-9050] Risk Context and its related fields are not shown properly when the risk is based on the connector
[BCW-9036] Values of text fields are shown to lowercase as facet values
[BCW-9031] Tooltip for reset button feature inside filter facette shows wrong text
[BCW-9002] Restart services after no disk space situation
[BCW-8999] Small visual bug in the Action Management Catalogue table view between the context menu on the right side and the vertical scrollbar
[BCW-8952] Missing activation for automatic migration of FileBox input fields into Attachment input fields on form definitions
[BCW-8950] Finishing a task may lead to a ghost task entry inside the task list
[BCW-8941] Access a system without a subdomain with no default tenant defined leads to an error instead of an “no subdomain” page
[BCW-8912] Incorrect translation to German in the Risk Assessment
[BCW-8911] Installation manual still makes reference to docker-compose-grc.yml
[BCW-8910] Alignment not properly set in some fields in the read only mode of the forms
[BCW-8909] Some outdated configuration inside docker-client
[BCW-8906] Rendering of a chiplist form field can run into an unintended error
[BCW-8887] Icon for Action Management process on empty MyBIC task list is wrong in the mobile version of the view
[BCW-8861] Visual bug in the header of the heatmap view when uncollapsing the side-nav
[BCW-8854] Show the invalid subdomain page when acessing a system without subdomain and no default tenant
Version 4.0.2
The following bugs have been fixed in this release
[BCW-8946] BIC Process Design Connector - Import of a diagram can fail when a user creation during the import fails
[BCW-8979] Java memory configuration is not effective for all boot services
[BCW-9024] DMN evaluation fails in case a input-column is based on a drop-down AND the drop-down value has an unexpected reference
[BCW-9032] Filebox runtime migrations not working for risks and controls details view
Version 4.0.1
The following bugs have been fixed in this release
[BCW-8856] BIC Process Design Connector - NPE inside enum-converter in public cloud
[BCW-8889] BIC Process Design Connector - Defined data transfer language inside the connector configuration is ignored
[BCW-8892] BIC Process Design Connector - Version comparison for risks and controls seems not to work properly
[BCW-8860] KIE Workbench creates massive log-entries regarding the keystore, which messes up the logs a lot
[BCW-8865] Exporting a Risk Control Matrix the fields „Control Owner“ and „Control Tester“ stay empty even though the fields are filled
[BCW-8872] Invalid values for Postgres container configuration in .env file
[BCW-8883] When a user is updated (e.g. changed e-mail address), only the control owner gets updated in existing controls
[BCW-8905] Custom forms service has a misleading name inside Spring Boot admin service
Version 4.0.0
New features
With this major release, BIC Process Control (BPC) received an overall redesign. This new style of the UI will be applied to BIC Process Design and BIC Process Execution in the future as well. One of the main goals of the redesign was to provide more space for the content in the center area by keeping a good and easy access to the main views of BPC. This goal was achieved by reducing the sidebar on the left side.
The second goal was to simplify the way how users navigate inside the application when it comes to hierarchical navigation, for example navigating from the Risk Details view back to the Risk Catalogue. From now on, the breadcrumb will be the only available way to do this kind of hierarchical up-navigation.
In order to provide a better access to the risks and controls inside the Risk Catalogue and Control Catalogue, they can now be filtered by name and last change date. The Action Management Catalogue can now filtered based on the Corrective action of its entries.
- To improve in general the handling of multi-selection facets, BIC Process Control now supports two types of visualization:
Simple multi-selection facet (the already known visualization)
Quick-filter multi-selection facet (new)
In difference to the simple multi-selection facet, the quick-filter variant is intended to manage a long list of facet values. In order to achieve that, the facet contains of two components:
An input field, that allows to quick-filter the list of facet values
A rectangle with a fixed height that contains a scrollable list of the facet values.
The Quick-filter visualization will automatically used to show a multi-selection facet, if it contains more than 15 facet-values.
The views Search and Running processes now offer an export option, providing additional information about the shown tasks. In addition to the basic task information, the export shows information about the process to which the task belongs. It also tells if the process is executed in the context of a specific risk or control.
Similar to the already known simple Export option available for the Risk Catalogue and Control Catalogue, the Action Management Catalogue now offers an export option as well.
The daily e-mail notification now only contain entries for still active tasks. In the past users may received a notice about new tasks which were finished on the same day. In order to further reduce the amount of individual e-mail notifications send by the system, an individual notfication for a task delegation is only send if the delegated task has reached its due date or is already overdue.
The following bugs have been fixed in this release
[BCW-8797] Creation of IKS-Matrix export runs into a timeout in case of huge data
[BCW-8773] Wrong entry inside the task owner filter facet leads to red error toast when selected
[BCW-8733] Listener error when processing a process event
[BCW-8648] Security improvements
[BCW-8616] User-role-administration: The shown number of users belonging to a role are limited to 100
[BCW-8597] The Control Catalogue raises an error when sorting it by “Associates Risk”
[BCW-8581] Cleanup tenant not working in development system
[BCW-8576] After clicking on a menu entry in the mobile main navigation, the navigation does not close, but it should
[BCW-8551] If the system founds a related previous task, the formfields are visualzed editable instead of being vizualized readonly (submit of form still not possible)
[BCW-8548] Missing placeholder replacement in task
[BCW-8513] Search service is not using ‘FACET_LIMIT’ parameters as an input for the facet queries
[BCW-8505] After the tenant creation, the password for the e-mail connection is empty inside keycloak
[BCW-8504] Visual Bug in admin landing page
[BCW-8476] Missing option to hide/show the “Filter / Options” panel inside the control catalogue for a given risk
[BCW-8466] The mem_limit configuration in docker-compose.yml files are not effective anymore
[BCW-8448] It is possible to cancel a process without entering a reason for the cancellation
[BCW-8440] Wrong section header levels in customization manual
[BCW-8415] Visual bug in risk heatmap after resizing the area for displaying the heatmat (resize browser window, collaps sidenav etc.)
[BCW-8414] Missing update of Action Management catalogue entries in case of a rename of an involved user
[BCW-8412] When selecting a facet value inside the Action Management Catalogue all facets are shown collapsed as a result
[BCW-8385] On customization manual the explanation for the dependency rule nonRequiredFields is incomplete
[BCW-8373] The UPGRADE.md contains a wrong explanation about HTTPS certificate names
[BCW-7401] Kie server and catalogue service produce log traces when launching the scheduler
Version 3.24.0
New features
We did a rebrand of the product. In order to bring BIC GRC closer to BIC Process Design, it is now called BIC Process Control.
Now it is possible to register a control within the context menu of a risk directly inside the Risk Catalogue. In this way, the associated risk is preselected.
Users will now benefit from an improved view of the controls for a given risk. When clicking on the Show controls entry in the context menu of a risk, the user will now navigate into a prefiltered Control Catalogue. This allow to use all the benefits of the Control Catalogue view (e.g. Dashboard view, filter the controls, using the export option).
The Excel export for risks and controls now supports the date cell format for date based columns, which allows to use the build in date filter of Excel. The same goes for the Risk Control Matrix.
When a control is set to obsolete in BIC Process Control, for example through the “Test of Design” process, then the BIC Process Design Connector will now set this control in BIC Process Design to obsolete too.
The manage escalation task inside the Action Management process now allow to extend the time for implement the action or to extend the time for review the action.
Administrators can now trigger a synchronization between BIC Process Control and BIC Process Design. Usually this it not necessary, but in some cases this option may become handy. This option is only available when the BIC Process Design Connector is active. Once the synchronization is triggered, the system will update the risks/controls based on the diagrams stored in the stage “publication” of the connected BIC Process Design tenant.
The following bugs have been fixed in this release
[BCW-8372] ‘Risk Assessment’ produces 400 HTTP error when requesting catalogue information for empty ids
[BCW-8366] Wrong explanation in customization manual regarding configuration of process due date interval
[BCW-8358] Installation manual still referes to an existing first tenant after a greenfield deployment
[BCW-8301] BIC Process Connector: Missing documentation of the feature to deny the import of risk/controls because of empty BIC Process Control fields
[BCW-8266] Obsolete checkbox is not rendered in a proper style inside forms
[BCW-8259] Headline of Action Management Catalogue is not shown properly
[BCW-8246] BIC Process Design Connector: custom checkbox attributes are not properly transferred to checkbox BIC GRC risk/control checkbox properties
[BCW-8245] BIC Process Design Connector fails to parse response from BIC Process Design in case on validation errors during write back to BIC Process Design
[BCW-8165] Logs are not accessible in spring boot admin service
[BCW-8154] After cleanup a tenant, old SOLR tasks and processes documents are not removed during index rebuild
[BCW-7917] Action Management: Escalation is not triggered properly when exceeding the “Review date”
[BCW-7908] Action Management Catalog is not initially sorted by update time
[BCW-7822] Control name not properly replaced in task description
[BCW-6617] Text attributes not writing back to BIC Design when sending an empty value
[BCW-5272] In some situations the due date for process is not calculated properly
Version 3.23.2
The following bugs have been fixed in this release
[BCW-8351] BIC Process Design Connector: When mapping a enum attribute to a GRC field with a huge number of drop-down entries, the mapping can fail
[BCW-8355] Restore of main PostgreSQL dump during 3.20.0 update step leads to errors
Version 3.23.1
The following bugs have been fixed in this release
[BCW-8273] - Fix UPGRADE.md since version 3.20.0 to make clear the steps for ugrading PostgreSQL
Version 3.23.0
New features
Now it is possible to register a control within the context menu of a risk inside the Risk Catalogue.
In order to improve the readability of bigger numbers thousands separator are added to number fields like the risk quantitative fields (“Impact (EUR)”, “Risk Expectation (EUR)”).
An administrator cannot delete users who have active tasks assigned to them.
The following bugs have been fixed in this release
[BCW-7818] Issue filtering tasks in ‘Running Processes’ / ‘My Processes’ where the group names contain “&” characters
[BCW-7945] Connector service must extract the attributes values in an ordered way from diagram entities and nodes
[BCW-7946] Services build fails when getting the Ubuntu Security Updates
[BCW-7993] As a german administrator, I want to have all the german translations of Tenant Administration UI
[BCW-7995] As an administrator, I want the GRC scheduler to avoid launching the fallback tenant processes if the schedulers of a tenant are deactivated
[BCW-7999] Connector service fails in specific cases during request of the newest version of a risk or control
Version 3.22.1
The following bugs have been fixed in this release
[BCW-8273] - Fix UPGRADE.md sice version 3.20.0 to make clear the steps for ugrading PostgreSQL
Version 3.22.0
The following bugs have been fixed in this release
[BCW-7815] - Wrong german translation for ‘net_impact’ in ‘Test of Completeness’ process forms
[BCW-7902] - Missing delegation comments inside tasks audit trail
[BCW-7910] - Error toast with HTTP 404 error is shown when changing pages in ‘Action Management’ catalogue
Version 3.21.2
The following bugs have been fixed in this release
[BCW-8273] - Fix UPGRADE.md sice version 3.20.0 to make clear the steps for ugrading PostgreSQL
Version 3.21.1
The following bugs have been fixed in this release
[BCW-7798] - Security improvement
Version 3.21.0
New features
The Risk and Control Catalogue now offers access to related ‘Action Management’ documents from each element menu.
The link for imported risks and controls now points to the specific object inside the diagram in BIC Process Design.
Data transfer language now it is shown in the details view for imported risks and controls.
From now on, users cannot be deleted if they are responsible of any active risk or control.
The following bugs have been fixed in this release
[BCW-5155] - Wrong due date calculation for scheduled tasks if next process date is in the past
[BCW-6379] - The charts are not aligned inside the Dashboard views when the screen width is reduced
[BCW-6945] - Duplicated Action Management tasks with the same ID’s and Audit trails
[BCW-7258] - Dependency rules are not working for fields that are part of the subforms
[BCW-7278] - Missing margin-bottom at the end of the “Profile” section when there are several roles or groups shown
[BCW-7378] - Typos in the pop-up messages shown during the “Registration of Risks/Controls” processes
[BCW-7379] - Obsolete controls are not properly displayed inside the Risk Catalogue Excel export files
[BCW-7559] - The “Pending tasks” title is not shown if the import of risks/controls does not have the correct data transfer language setup
[BCW-7594] - Lack of validation regarding user-related fields that are not mandatory
[BCW-7602] - Connector service fails to send all the data transfer language information to BIC GRC
[BCW-7607] - Incorrect count of group members when visualizing the details of a given user
[BCW-7635] - After hiding the sidebar in the Heatmap tab, the sidebar and the Options menu do not behave responsively
[BCW-7639] - Using the breadcrumb to navigate back in Case Document catalogues throws an error and leads to an undefined route
[BCW-7758] - ‘risk_control_matrix_de.xlsx’ template is missing from GRC reports
[BCW-7779] - Filtering fails for ‘Boolean’ data type facets in risks and controls catalogues
[BCW-7781] - Users creation in batch fails due to delays in requests from Keycloak
Version 3.20.1
The following bugs have been fixed in this release
[BCW-8273] - Fix UPGRADE.md since version 3.20.0 to make clear the steps for upgrading PostgreSQL
Version 3.20.0
New features
Through the Search, users can now easily identify if a given task has been finished or canceled, based on the introduction of the new filtering state “Canceled”. A task gets the “Canceled” state when the corresponding process is canceled by the system or by the Administrator user.
We have introduced a new improved way how the system manages the uploaded files.
The mandatory Next Date Of… fields inside the different forms are now turned into optional if the interval selected by the user for that particular process type is either “On demand” or “Occasionally”.
From now on, if the same task is delegated multiple times to different users, it will be shown in the Delegated tasks views of all the users that executed the delegation of that task until it gets finished or canceled. As long as it is shown in the Delegated tasks view, the user can track the state of the task.
Redesign and improvement of the following views:
When a user tries to open a task that is already canceled, he/she will visualize a message informing that the task has been canceled
The number of available catalogue entries is now shown in a consistent way inside the breadcrumbs
The following bugs have been fixed in this release
[BCW-4359] - Clicking on link forces browser to ask if the user wants to leave the website
[BCW-4557] - When attaching a file during the Risk Assessment, it can be seen inside the Details view before finishing the process
[BCW-6130] - When attaching a file to a particular risk/control process form, it is also displayed in all the previous entries inside its “History” section
[BCW-6437] - When delegating a task to another user, the new trace shows the wrong chip until you refresh the browser or leave the view
[BCW-6649] - Attachment from a previous process instance is still visible in a new process instance
[BCW-6658] - Security improvement
[BCW-7061] - When a user name is modified, the corresponding filter facet is not updated inside the catalogues
[BCW-7134] - Inside the ‘Controlled Risk’ section of the New Control form, risks are not being properly filtered by their “Risk Context Category”
[BCW-7165] - When a user name is modified, the corresponding filter facet is not updated in the task-related views
[BCW-7303] - The responsibility labels and chips disappear from the details view of a given risk or control after deleting the assigned user or group
[BCW-7313] - Inside Action Management date validations might not work when there is an assigned Reviewer and the “Manage escalation of action” task is triggered
[BCW-7316] - After changing the value of the ‘Execution interval’ field in BIC Process Design, it is not properly updated in BIC GRC after the publication of the diagram
[BCW-7318] - Wrong Toolbar icon in Control Catalogue “Dashboard” mobile view
[BCW-7320] - The “Task already finished” screen does not show its intended new style
[BCW-7323] - Wrong ‘Description’ values for Action Management processes triggered as a result of new risks or controls with next dates too far in the future
[BCW-7349] - Navigation might get stuck after accessing Action Management processes automatically created by the system
[BCW-7351] - In some cases the context menu options do not show their tooltip
[BCW-7363] - Dependency rule requiredFieldNotEmpty does not work the first time when it is the only one and a filled form is loaded
[BCW-7369] - The “Last Test of Design” date is initially not shown after creating a control through the Registration of Controls process
[BCW-7381] - Reset of a date-picker field is not persisted after the form is submitted
[BCW-7384] - In some cases, asterisks are kept next to the labels of fields that switch from mandatory to optional
[BCW-7394] - Possible NullPointerException in GRC scheduler process if the configuration for some of the existing tenants is missing
[BCW-7450] - Additional Case Document catalogues do not load the view when navigating between each other
[BCW-7452] - Additional Case Document catalogues do not load the valid facets for each catalogue
[BCW-7453] - Additional Case Document catalogues do not show a valid breadcrumb
[BCW-7468] - Additional Case Document catalogues should obtain the title from the localization service
Version 3.19.4
The following bugs have been fixed in this release
[BCW-9001] - Java memory configuration is not effective for GRC service
Version 3.19.3
The following bugs have been fixed in this release
[BCW-8946] - BIC Process Design Connector - Import of a diagram can fail when a user creation during the import fails
Version 3.19.2
The following bugs have been fixed in this release
[BCW-7798] - Security improvement
Version 3.19.1
The following bugs have been fixed in this release
[BCW-7789] - Security improvement
Version 3.19.0
New features
The Risk Catalogue and Control Catalogue now offer access to the list of pending tasks for a given risk or control. This section can be visualized by selecting the context menu option Pending tasks or by clicking on the numerical chip of a given catalogue entry.
The Filter facets now initially show 10 entries and offer a Show more/Show less option if there are more than 10 entries available. Selected filtering values are now moved to the top of the Filter facet. Now users can unselect all the selected filter values of a given facet.
From now on, the Excel EXPORT contains the same content that is shown to the user, based on the chosen filtering, inside the table view of the Risk and Control Catalogues.
When selecting the associated risk for a new control as part of the New Control process, the available risks are now ordered by their creation date from the newest to the oldest.
The information that is shown for associated controls of a risk inside the Risk Assessment is now harmonized with the details page of a control.
Improvement of the following views:
The headlines inside the options area on the right side will stay visible when scrolling inside the options area. For example: inside the Risk Catalogue and Control Catalogue, the tab Options will be directly accessible, even if the user scrolls down inside the active tab Filters
Inside the user details view of the Administration section, now the user name is mentioned in the user roles and user groups headline, instead of the user email address
The following bugs have been fixed in this release
[BCW-5711] - Wrong toolbar icon in Risk Catalogue “Heatmap” mobile view
[BCW-6232] - Risk name not renderized in the Action Management task description
[BCW-6260] - Error when creating a new user role with a space in its name
[BCW-6805] - Dashboard performance issues in all catalogues
[BCW-6833] - Custom risk field is not present in IKS Matrix Excel report file but in risks Excel report
[BCW-6861] - Same icon used for “Applications” and “GRC Risk Cockpit” entries
[BCW-6865] - Wrong label for the “Comment on Result of Test of Design” column inside the ‘Controls’ tab of the Risk Catalogue Excel export file
[BCW-6943] - “Link to Risk Context” is running out of bounds when having a very long URL
[BCW-6957] - In the mobile view of BIC GRC, the Risk Catalogue shows a duplicated side scrollbar as part of its table view
[BCW-6965] - Action Management not triggered after rating a risk/control as obsolete
[BCW-6966] - Modifying certain attributes in BIC Process Design for a given risk/control duplicates the risk/control when publishing again the corresponding diagram
[BCW-7028] - In the Loading screen, the text is always displayed in English regardless of the browser language
[BCW-7079] - Risk Catalogue data table should have 100% width
[BCW-7092] - The name of the controlled risk is not shown inside the “Show controls” section when using any of the responsive views
[BCW-7133] - If a process is finished after rating a risk or control as obsolete, results are not being properly updated in the Filter menu
[BCW-7138] - Wrong style of filters divider lines
[BCW-7141] - If a control is rated as obsolete, the next finished process will display a wrong Audit trail inside the History section
[BCW-7159] - The “Audit trail” view gets out of width after delegating a task with a long comment
[BCW-7201] - Inside sub-forms, the separation between read-only fields and divider lines is not correct
[BCW-7225] - The Test of Completeness form does not display ‘Cause, Trigger and Impact’ (root_cause) and ‘Risk Response’ (risk_response)
[BCW-7226] - The BIC Process Design connector is not able to update the Method when performing the daily scheduled task
[BCW-7239] - After downloading the Excel of the Risk Catalogue, the file is automatically open in the ‘Controls’ tab instead of the ‘Risks’ tab
[BCW-7273] - The download of the catalogues Excel exports takes too much time
[BCW-7275] - The style of the “Pending tasks” context menu option is not properly displayed when using Firefox
[BCW-7277] - The tooltips of the URL’s are showing the name of the link instead of the “Open link” tooltip
[BCW-7279] - When there are no filters applied inside the Risk or Control Catalogues, the content of the Excel exports should be ordered as the table view
[BCW-7280] - The “Pending tasks” chip might display wrong numbers when there are attachments involved in the finished processes of a given risk/control
[BCW-7301] - Tasks attachments cannot be downloaded
[BCW-7310] - Certain column values are being displayed by their ID inside the Risk Catalogue Excel exports
Version 3.18.9
The following bugs have been fixed in this release
[BCW-9003] - Java memory configuration is not effective for GRC service
Version 3.18.8
The following bugs have been fixed in this release
[BCW-7995] - As an administrator, I want the GRC scheduler to avoid launching the fallback tenant processes if the schedulers of a tenant are deactivated
[BCW-7999] - Connector service fails in specific cases during request of the newest version of a risk or control
[BCW-8018] - Security improvement
Version 3.18.7
The following bugs have been fixed in this release
[BCW-7945] - Connector service must extract the attributes values in an ordered way from diagram entities and nodes
Version 3.18.6
The following bugs have been fixed in this release
[BCW-7929] - As an administrator, I want to have an endpoint in the connector service to force the update of imported risks and controls without republishing diagrams in BIC Design
Version 3.18.5
The following bugs have been fixed in this release
[BCW-7072] - Filtering and tasks assignment issue related to case sensitive email addresses on import from BIC Design Connector
Version 3.18.4
The following bugs have been fixed in this release
[BCW-7555] - Exception during user picture request due to empty data field in user profile
Version 3.18.3
The following bugs have been fixed in this release
[BCW-7463] - Connector service selects a wrong risk or control version to update during diagrams import if the corresponding GRC object is currently marked as obsolete
[BCW-7477] - As a developer I want to have an improved performance and memory consumption for the reindex process on risks and controls
Version 3.18.2
The following bugs have been fixed in this release
[BCW-7411] - GRC search service Out of Memory issue processing the same message from RabbitMQ continously
Version 3.18.1
The following bugs have been fixed in this release
[BCW-7385] - Some risks or controls are missing during the connector service import process due to new user accounts creation failure
Version 3.18.0
New features
Inside the Action Management Catalogue, based on the new state “Canceled”, users can now identify if an Action Management was canceled.
PARTICIPANTS are now able to see in the Control Catalogue any controls linked to a risk in which they are involved as a user or user group.
Risks and controls which were set to obsolete by BIC Process Design Connector because of a diagram depublication, will be reactivated in case of a republication of the former depublished diagram. A risk/control will be only reactivated if it is still present inside the new published diagram version. Reactivated risks/controls offer access to the whole history.
Improvement of the following elements:
Harmonized font size in all forms
Improved form readability
Enhanced pagination of catalogues
Increased performance of the “User groups” details view.
The following bugs have been fixed in this release
[BCW-6609] - After opening a task inside Running processes, navigating into the Search and going back, the system throws a HTTP 500 error
[BCW-6618] - Sidenav translation for “Maßnahmenmanagement” is not working as expected based on the browser language
[BCW-6642] - When selecting the “Rate control as obsolete” option inside an overdue “Test of Design”, the system still requires date fields to match at least the current date
[BCW-6648] - Reset of a dropdown field is not persisted after the form is submitted
[BCW-6690] - Security improvement
[BCW-6706] - Dates used as filtering options are not completely removed after clicking in the same section your user is currently in
[BCW-6764] - Validations inside the “Define action” task form might not work after removing a selected user inside the responsibility fields
[BCW-6845] - Hint texts for link box attributes are no longer displayed
[BCW-6856] - When using the browser back button inside the catalogues, the page index ‘0’ cannot be reached
[BCW-6858] - In the email notification, the attachments have no assignment to their tasks
[BCW-6862] - In the mobile/responsive view of the application, a wrong temporary message is shown when using the Search
[BCW-6942] - HTTP 500 when accessing certain active tasks related to undeployed containers
[BCW-6958] - Error sorting catalogue columns
[BCW-7008] - Security improvement
[BCW-7014] - “Action Management” custom fields are not reflected in the Action Management Catalogue
[BCW-7019] - The BIC Process Design hyperlink will disappear after changing a dropdown field
[BCW-7048] - After rating a control as ‘Obsolete’, an additional trace is not being added inside its History view
[BCW-7059] - “Controls for this risk” section will disappear after changing dropdown values in risk-related processes
[BCW-7069] - GRC Flyway script fails on special characters
Version 3.17.1
The following bugs have been fixed in this release
[BCW-6645] - Failing data transfer language import in connector service when the language is based on a diagram attribute
Version 3.17.0
New features
The Risk Catalogue and Control Catalogue now offer access to risks and controls which were set to obsolete. A new filter facet STATE has been added to the filtering located on the right side as part of the Options menu, which now contains two filtering options:
Active: When checked, only active risks/controls will be shown as catalogue entries.
Obsolete: When checked, only obsolete risks/controls will be shown as catalogue entries.
Obsolete risks/controls are highlighted in the catalogue by the 
icon.
Similar to an active risk/control, the complete history of an obsolete risk/control is available.
Users can now check their assigned user roles and user groups inside their Profile section.
The user related filter facets inside the Risk and Control Catalogue now show the user´s email address as a tooltip. This allows to distinguish users with the same names.
Redesign and improvement of the following views:
User role icon throughout the application
Dashboard resizing effect
Risk and control details view
Actions area fixed width
The following bugs have been fixed in this release
[BCW-5827] - Security improvement
[BCW-5840] - Back button in the header mobile view does not work and breadcrumbs in desktop view are not shown correctly for all Control Catalogue routes of a specific risk
[BCW-5864] - When selecting the “Obsolete” option inside an overdue Risk Assessment task, the system still requires date fields to match at least the current date
[BCW-5890] - Processes cannot be cancelled and tasks cannot be delegated when they were created before version 3.9.0
[BCW-5891] - Selected filter facets inside the mobile version of the Action Management Catalogue are not maintained after entering the “Details” or “Audit trail” views and going back
[BCW-5989] - Claimed group task is shown as delegated for the user who has claimed it
[BCW-6061] - The deselection of the assigned role Participant inside the “Add role” view is not applied when submitting the form
[BCW-6117] - Missing attachments when uploading several files with different formats through the context menu option “Attachments”
[BCW-6120] - In the Action Management Catalogue the values of the filter facets for custom “chiplist” user attributes are not displayed correctly
[BCW-6170] - “On demand” and “Occasionally” interval values behave like they were “Monthly” regarding new process instances automatically initiated by the scheduler
[BCW-6201] - Security improvement
[BCW-6376] - In the “Due Date” field, inside the Action Management forms, the word ‘date’ should be completely in lowercase
[BCW-6424] - When a risk is deleted in BIC Process Design from an already published diagram, Solr stores wrong values
[BCW-6436] - Action Management instances are not finishing properly when not selecting future dates inside the escalation task
[BCW-6447] - When delegating a task related with a risk/control which has previous pending instances of the same type, the check refers to a wrong task owner
[BCW-6453] - Input fields are not aligned correctly inside forms
[BCW-6455] - Inside the forms where there is a link input field, it looks editable after submitting the form
[BCW-6466] - There is no margin at the bottom of the different sections inside the Administration
[BCW-6495] - When cancelling a process the “process cancellation popup” do not disappear when the system is not able to send the cancellation notifications
[BCW-6510] - Placeholders are replaced with JSON content instead of the real string after Solr reindexing
[BCW-6511] - Wrong margin alignment of the “arrow_back” component in the details form
[BCW-6520] - When there are two users with the same name and different emails as filtering options inside the Action Management Catalogue, both are selected when clicking one of them
[BCW-6563] - Failing authorization control accessing with a Participant session token to a task related to another user or user group
[BCW-6566] - Missing data migration when changing technical identifier for the field “Comment on Result of Test of Design”
[BCW-6569] - When a user exists in Keycloak and not in the database, the BIC Design Connector will try to add again the user
[BCW-6579] - When entering the Profile section of a newly created user, no roles nor groups are shown
[BCW-6580] - New risks created using “Registration of Risks” process are shown in the Risk Catalogue as “Not approved” when they should not
[BCW-6581] - New controls created using “Registration of Controls” process are shown in the Control Catalogue as “Not approved” when they should not
[BCW-6599] - When using Firefox as the browser, text can be entered in the quantitative fields inside the risk-related forms
[BCW-6602] - When selecting the “Overdue” filter inside the Search, already “Done” tasks are shown as part of the results
[BCW-6606] - Inside the Running processes section, the scroll bar gets out of position when the tasks list loads more tasks
[BCW-6608] - The title and icon for the “Link to Subject of Corrective Action” are shown inside the Details view of the Action Management Catalogue even when no content is added by the user inside the field
[BCW-6612] - Line break not showing in Action Management Catalogue entries
[BCW-6655] - In some cases, the application throws server internal errors when selecting user filters with matching hits inside the Action Management Catalogue
[BCW-6657] - Participants and Analysts are able to visualize search results that they should not see when using quotes as the search term
[BCW-6661] - After rating a control as Obsolete, the State filter inside the Risk Catalogue might show the “Obsolete” value with no matching hits
[BCW-6665] - When delegating a task to a different user or group, they are not being shown inside the Delegated tasks tab
[BCW-6678] - Claiming a group task and then navigating back to the previous view can lead to inaccurate filter results
[BCW-6693] - Inside the Performance of Controls process form, date restrictions are not correctly applied in some cases
[BCW-6694] - When using a date field as a filtering option, each interaction with the application adds 2-hour intervals into the initial selected date into the URL
[BCW-6705] - When filtering tasks by using date fields, the selected dates are not maintained after opening the form through the Audit trail and going back
[BCW-6740] - Default connector service configuration leads to exceptions during BIC Design method request
Version 3.16.3
The following bugs have been fixed in this release
[BCW-7157] - Failing import of users in the connector service when the email contains capital letters
Version 3.16.2
The following bugs have been fixed in this release
[BCW-6111] - Dependency rules do not let previous process instances tasks be submitted when having certain interval values
[BCW-6591] - Condition in ‘Performance of Controls’ and ‘Risk Assessment’ forms require user to set a date before 1970
Version 3.16.1
The following bugs have been fixed in this release
[BCW-6589] - Workflow service may suffer startup failures in certain installations with duplicated entries in database
Version 3.16.0
New features
Users can now filter tasks based on their Task created, Task due and Task finished dates, which are shown on the task cards. In order to achieve this, new filter facets have been introduced in the following task-related views:
My tasks, My processes and Delegated tasks: Created on, Due on.
Search: Created on, Due on, Finished on.
The behavior of these new filter facets is the same as the already known date facets from the catalogues. For more information regarding this topic, see how tasks are filtered in the Running processes and in the Search views.
The Dashboards now have a better appearance when there are no results to be shown in a chart.
Inside the Action Management Catalogue, the user-related filters now show the user name as the facet value, and the user email as the tooltip.
An overhaul of the Actions menus has been performed, in order to achieve a consistent design through the different sections where they are available.
Inside the Administration section, the User roles administration has been redesigned. As a result of this redesign, Administrators can now easily check how many users are assigned to a specific user role.
The following bugs have been fixed in this release
[BCW-5730] - Selecting more than one value inside the “State” filtering option of tasks leads to wrong results
[BCW-5734] - A duplicated error is thrown when trying to set a group restriction for Action Management inside the administration section when there are multiple entries for Action Management available
[BCW-5743] - Manage 500 HTTP error when system tries to get a task from KIE
[BCW-5828] - Security improvement
[BCW-5885] - When opening a task form through the History section inside the Control Catalogue and going back, it redirects you to the Risk Catalogue
[BCW-5961] - When a task is delegated multiple times, inside the audit trail the wrong user is shown as previous user of the task
[BCW-5985] - Filters facets selected inside the Running processes tabs and the Search view are not removed when using the browser back button
[BCW-6062] - Not possible to search tasks by exact term enclosing search terms in quotation marks (“)
[BCW-6063] - Inside the administration section, when clicking on an entry inside the options panel, the entry is shown in a misleading visual style
[BCW-6154] - When delegating a task to a group inside the “Audit trail” view, the additional trace and given comment are not shown until you leave or refresh the view
[BCW-6233] - The field “Attachments to description” inside the implement action step of “Action Management” process is editable instead of read-only
[BCW-6248] - Wrong risk context maintained for new created risks using the “New Risk” process
[BCW-6254] - Typo inside the german predefined measure description, when the Action Management is automatically triggered after “New Risk” or “Registration of Risk” process
[BCW-6261] - URI limitation to 8192 bytes in search queries leads to search issues for user belonging to many groups
[BCW-6264] - The escalation for the review step inside Action Management is triggered one day too early
[BCW-6265] - Multiple calls to recover attachments in Risk Detail
[BCW-6269] - Inside the User roles section, the system offers the misleading option to delete the role ANALYST, even though it is not possible to delete the role
[BCW-6273] - Wrong style of input fields inside task delegation form
[BCW-6275] - Wrong style of input fields inside process cancellation form
[BCW-6283] - Parameter ‘response-key’ in dropdown fields configuration does not allow to use references to nested values
[BCW-6346] - The explanation of “How to configure an LDAPS connection in Keycloak” inside the installation manual lacks some important information
[BCW-6348] - The changes made in 3.13.0 in order to modify the behavior of the “last change” column inside “Risk/Control Catalogue”, did not apply to tenant specific configurations
[BCW-6349] - When a process is canceled, it can happen that recipients receive multiple emails, because of being involved inside the process multiple times
[BCW-6356] - When a user group is deleted, it can happen that for a given user from that deleted group, the list of groups he belongs to is temporary empty
[BCW-6514] - A bug inside Spring Boot Admin service leads to an automatic redirect to the login screen of Spring Boot Admin when navigating
[BCW-6515] - When selecting State filters inside the Running processes section, results might be wrong after scrolling the view
Version 3.15.0
New features
A major overhaul of the task forms was done. As part of this, a redesign was made regarding all input fields and how the forms appear. Also, from now on, it is possible to reset a dropdown field as long as it is not mandatory.
The Audit trail has been improved:
When a task is delegated, users can now see by who to whom a task has been delegated and which comment was given
When a process has been canceled, the former active task is now marked as “Task canceled” instead of “Task finished”
The display of the “Audit trail” has been enhanced on mobile devices
When a user with the role PARTICIPANT is involved in controls as a single user or user group, he is now able to see the associated risk for that control inside the “Risk Catalogue”.
Users with PARTICIPANT role can now see all Action Managements inside the Action Management Catalogue that are associated with a risk or control they are involved in as single users or user groups.
From now on, the filtering of the following task related views now shows the number of matching hits:
The facet STATE does not support this feature yet.
Redesign of the following views:
Processes view in the “Administration” section
Process details in the “Administration” section
About dialog in the “Help” section
The following bugs have been fixed in this release
[BCW-4667] - When a PARTICIPANT is only involved in a control and not in the connected risk, inside the “Risk Control Matrix” the risk information is missing
[BCW-5468] - User groups imported from “BIC Process Design” into “BIC GRC” through “BIC Process Design Connector” are created in lower case
[BCW-5594] - Cache Issues with idpHint and SSO
[BCW-5628] - Wrong subject headline in the email notification when a task is commented
[BCW-5705] - Manual configuration is required after upgrade of Keycloak for new installations
[BCW-5715] - Translation of the task state “Overdue” is not consistent through the application when having the UI in Spanish
[BCW-5741] - File service is storing user reference as numeric id instead of user email in attachments database table
[BCW-5813] - After cancelling a task, the Delegate option is temporary active and leads to a 500 error
[BCW-5825] - Security improvement
[BCW-5826] - Security improvement
[BCW-5836] - Label in lowercase in Control Catalogue “Dashboard” view
[BCW-5837] - Task due for tasks with currentStatus: “Created” are not turning red but are correctly shown as overdue when “Overdue” facet value is selected inside the “Search” view
[BCW-5843] - Inside the “Test of Design” form, some mandatory fields become optional after unchecking the “Rate control as obsolete” option
[BCW-5848] - Check of previous pending process instances does not display the task owner when it belongs to a group and is still unclaimed
[BCW-5859] - After searching for a range of dates with no matching results inside the Risk or Control Catalogue, the column with the “Not approved” icon temporary disappears
[BCW-5869] - In a customized “Performance of Controls” processes with timer events, the timer events trigger unpredictably (50% of times)
[BCW-5960] - After removing a user or group from a form responsibility field and clicking elsewhere, the field gets blocked
[BCW-5962] - When setting a new password inside the “Update your account” view, the user can be forwarded into the Keycloak user details info instead of the corresponding BIC GRC tenant
[BCW-5968] - When using the same risk field in both axes of the “Heatmap”, the drill-down into the table view will show the wrong amount of risks
[BCW-5971] - Inside “Running processes” and “Search” views, filter facets are not removed from the URL after unchecking them, but the view is updated properly
[BCW-5976] - Error message is shown after adding and removing an attachment from a form and going back
[BCW-5997] - Missing data migration when changing technical identifiers for the fields “Next Test of Completeness” and “Interval for Test of Completeness” (BCW-4880, BCW-5504)
[BCW-6016] - Inside the “New Risk” process the field “Cause, impact and trigger” is shown as a singleline input field instead of a multiline input field
[BCW-6017] - The email address of a user inside the user administration is not updated properly when using SAML SSO in case of a change based on the SAML response
[BCW-6022] - Sorting of columns “Name”, “Description” or other string based properties in Risk and Control catalogues does not work
[BCW-6051] - Translation missing in the “Audit trail” for the “Test of Design of Controls”
[BCW-6112] - Avatars in drop-down fields are not properly aligned
[BCW-6115] - “Administrators” and “Supervisors” cannot delegate tasks not assigned to them from the “Audit Trail” view when they also have a “Participant”/”Analyst” role
[BCW-6124] - Design error due to no margins and form header when load a task from “Running processes” or “Search”
[BCW-6127] - Default “Next Risk Assessment” date is not being displayed for risks imported by using the connector
[BCW-6151] - Facets missbehaviour due to uncommon symbols
[BCW-6153] - When a selected facet value is a substring of another facet value inside the same facet, hits belonging to this second value are shown in addition
Version 3.14.4
The following bugs have been fixed in this release
[BCW-7457] - Risk dropdown is not properly filtered in ‘New Control’ forms for participant users
Version 3.14.3
The following bugs have been fixed in this release
[BCW-7383] - Email service fails due to errors processing the same message in an infinite loop
Version 3.14.2
The following bugs have been fixed in this release
[BCW-6147] - Daily email notifications fail if one of the messages inside it fails
Version 3.14.1
The following bugs have been fixed in this release
[BCW-5988] - User chips in form fields are displayed slow
[BCW-6057] - Long response time for endpoint findUserGroups / findUserRoles
Version 3.14.0
New features
The Heatmap now offers a drill-down:
By clicking on a given Heatmap cell, users are redirected to the Table view that shows the risks of the selected cell
Users can navigate back to the original Heatmap view by clicking the browser back button
The Action Management Catalogue includes now a Dashboard as an alternative view on Action Managements that are shown to the user. The Dashboard view:
Offers an overview of the distribution of Action Managements based on their properties
Shows active or finished Action Managements available in the Table view based on the user role and the active filter criteria
BIC GRC reduces the number of individual emails received by the users. From now on, task notifications are sent on a daily basis in the following cases:
New tasks assigned to a user or user group
Overdue and Overdue soon tasks for a user or user group
The Operational Risk Management fields (Impact (EUR), Probability (%) and Risk Expectation (EUR)) are now available as filter facets inside the Filter area in the Risk Catalogue.
Redesign of the following views:
BIC GRC loading screen
Task delegation pop-up
Process cancellation pop-up
Group details in the Administration section
The following bugs have been fixed in this release
[BCW-3261] - Overhaul the update password email template
[BCW-4235] - When a user tries to filter tasks based on the process inside task-based views like “Search” or “My tasks”, it is not clear based on which criteria the available values are sorted
[BCW-4688] - Email not received for Risk Assessment
[BCW-4817] - KIE-Server docker container do not terminate on wildfly failure
[BCW-5142] - When deleting a user that belongs to a group, the member counter does not reflect it
[BCW-5147] - Email reminder for overdue not claimed group tasks are not triggered
[BCW-5210] - Duplicate entry for “Action Management Catalogue” in the “Side Navigation Bar” when using the “Link to Subject of Corrective Action” for navigation
[BCW-5224] - Inside the “Performance of Controls” form, the “Next Performance of Control” field is missing
[BCW-5285] - Inside the charts of the “MyBIC” view, in some cases, tasks are displayed as “Overdue” when they are not
[BCW-5362] - Email reminders for some events behave wrong
[BCW-5363] - Special characters in Solr queries create undesired side effects, because they are interpreted as literals
[BCW-5377] - In the Login screen, the URL for “Formación” leads to the wrong landing page when having the language set to Spanish
[BCW-5387] - When entering the context menu option “Show controls” inside the Risk Catalogue, the name of the associated risk is not being displayed in the header
[BCW-5388] - Wrong design of the latest version of a risk/control inside the “History” view
[BCW-5443] - Inside form definitions, inferiorDate and superiorDate dependency rules are not working properly
[BCW-5453] - User chips in catalog tables are not properly placed
[BCW-5457] - “Participants” and “Analysts” are able to delegate tasks that are not directly assigned to them from processes in which they were involved
[BCW-5461] - Different heading styles inside the catalogue views
[BCW-5464] - When indexed data in Solr contains commas (“,”) or the equals symbol (“=”), the document cannot be converted to the UI
[BCW-5471] - When a form field of type “textarea” (multiline) is shown as readonly, the content is shown as singleline without any linebreaks
[BCW-5476] - Mobile and desktop versions do not use the same background color
[BCW-5499] - While having the UI in Spanish, the value “Half-annually” is not translated properly for “Interval for Test of Design” and “Interval for Test of Effectiveness”
[BCW-5501] - Routing inconsistencies inside the application when using the browser back button lead to a “404” or “permission denied” page
[BCW-5514] - When using custom fields inside the excel export, the headlines are not shown properly
[BCW-5541] - Inside task list views, when a task is “Overdue”, the task due date is not colored in red in every case
[BCW-5584] - “Action Management” is escalated on the same day as the due date of the “Implement action” task
[BCW-5586] - The delegation comment is not shown inside email notifications
[BCW-5625] - In the Table view of Risk and Control Catalogues, certain enum fields do not show their tooltips
[BCW-5626] - When selecting a facet filtering value in the catalogue an error is thrown
[BCW-5691] - When a risk or control is imported for the first time using the “Connector”, the “Last Change” column is maintained with the wrong date value
[BCW-5802] - Labels for drop-down values show encoded special characters instead of the real character like “<” and “>”
[BCW-5831] - When a task is “Overdue” the task due date is not turning red
[BCW-5845] - When cancelling a task, the email notification shows “process_cancelled” instead of the corresponding descriptive line
[BCW-5867] - When unselecting a particular filter facet inside the catalogues and switching from the “Table view” to the “Dashboard view”, the numbers of the other facets are not properly updated
[BCW-5870] - Case document service is acknowledging twice the messages received from RabbitMQ queue
Version 3.13.2
The following bugs have been fixed in this release
[BCW-5752] - The system is stuck in the loading screen when entering the product
[BCW-5760] - Buildup of case document SOLR index and task SOLR index fails after an update to 3.13.1
[BCW-5796] - Flyway script corrupts non-default tenants
Version 3.13.1
The following bugs have been fixed in this release
[BCW-5704] - A potential NPE inside the update analysis prohibit the proper update of risks/controls at the end of a GRC process.
Version 3.13.0
New features
The Action Management Catalogue has been improved. It now offers:
The possibility to filter the catalogue entries based on Action Management properties. The Filter is located on the right side of the Action Management Catalogue view
Users with the PARTICIPANT role have now restricted access to the entries of the Action Management Catalogue view. PARTICIPANTS are able to see actions in which they have been involved or are currently involved
The Heatmap has been integrated into the Risk Catalogue.
Users can now use the filtering in order to define which risks should be considered to be shown inside the Heatmap
To find out more about “How filtering affects the Heatmap?”, please have a look here
The Audit trail has been improved:
The general appearance of the Audit trail has been updated
The options to interact with active tasks are now available in the Options panel on the right side
User chips inside the entries of the Audit trail are now shown regardless if the user account is still active or not
The column Last Change in the History section, now only considers the creation date of the version of a risk or control.
The BIC Process Design Connector now supports the import of date attributes into BIC GRC and its write back into BIC Process Design.
The following bugs have been fixed in this release
[BCW-2699] - Stock configuration for Docker has legacy settings
[BCW-4381] - Labels in “New processes” section mixes “process” and “workflow” when switching the language of the UI
[BCW-4530] - The context menu option for attaching files to tasks shows different text alignments
[BCW-4534] - When running a second search, the active filter facets are kept and as a consequence, an empty search result can happen
[BCW-4978] - “Result of Performance of Control” values are displayed in English when having the UI in Spanish
[BCW-5068] - It is not possible to render a new Linkbox with a custom attribute in a custom form
[BCW-5075] - Active filter facets inside the “Running processes” are lost when opening a task and going back to the list
[BCW-5084] - There is no email notification sent when delegating an unclaimed group task to another group
[BCW-5123] - Delegated group tasks are not shown in “Delegated task” view
[BCW-5159] - When I navigate from the Risk/Control Catalogue into a risk/control related view and navigate back to the catalogue, the active page of the catalogue is lost and the first page of the catalogue appears
[BCW-5222] - Inside the Test of Design form, the “Next Test of Design” field is named “Due Date”
[BCW-5223] - Inside the Test of Effectiveness form, the “Next Test of Effectiveness” field is named “Due Date”
[BCW-5241] - Risk catalogue and Control Catalogue show no content (red error message) when labels in drop-down fields that should be shown as columns contain some special characters
[BCW-5244] - The “History” section of a control is not working when accessing it through the “Show controls” option inside the Risk Catalogue
[BCW-5280] - Using the browser back button inside the Risk/Control Catalogue, do not update the active filter facets properly
[BCW-5283] - A “No Data” system message is being displayed for a very short time when entering any of the views inside the “Applications” area
[BCW-5297] - In the Action Management Catalogue no “Details” and “Audit-Trail” options are available inside the context menu when the user has the role “Analyst”
[BCW-5386] - “Analysts” are only able to see the “Details” option in the context menu in the Risk/Control Catalogue
[BCW-5480] - “BIC Process Design Connector” does not process diagrams properly when working with many tenants at once
[BCW-5504] - “Test of Completeness” fields “Next Test of Completeness” and “Interval for Test of Completeness” are not initialized during the first import of risks from BIC Process Design into BIC GRC
[BCW-5545] - Sorting certain columns in Risk/Control Catalogue throws an error (red error message)
[BCW-5560] - Wrong sort order of filter values inside filter facets of the Risk/Control Catalogue
[BCW-5573] - When a task is delegated, the delegation notification does not show the delegation comment
[BCW-5593] - The “Risk Assessment” process is started by the scheduler for risks published without a “Risk Owner”
[BCW-5617] - Check of previous existing process instances not working when opening a user task form
Version 3.12.2
The following bugs have been fixed in this release
[BCW-5466] - Special characters (“,” and “=”) used in drop-down labels will lead to an error inside the Risk Catalogue and Control Catalogue
Version 3.12.1
The following bugs have been fixed in this release
[BCW-5241] - Risk catalogue and Control Catalogue show no content (red error message), when labels in drop-down fields that should be shown as columns contain some special characters
Version 3.12.0
New features
Inside the Applications area, a new Risk Heatmap view is now available. Initially, it shows the distribution of risks based on Probability per Impact.
Users can define which risk properties are used for each axis of the Heatmap for further risk analysis
The Risk Heatmap takes into account all risks in the Risk Catalogue that are available for a given user based on his role
The Risk Catalogue now offers a Dashboard as an alternative view on the risks that are shown to the user. The Dashboard view:
Offers an overview of the distribution of risks based on risk properties
Shows the risks that are available in the table view based on the user´s role and the active filter criteria
The Control Catalogue now offers a Dashboard as an alternative view on the controls that are shown to the user. The Dashboard view:
Offers an overview of the distribution of controls based on control properties
Shows the controls that are available in the table view based on the user´s role and the active filter criteria
The Action Management Catalogue has been improved. It now offers:
A detailed view of active or finished Action Management instances and
access to the Audit trail where you can trace the history of the Action Management process instance
The Audit trail now shows When, by Who and for What reason a process was cancelled.
When a process instance is launched on a scheduler basis, the Audit trail now shows “System” as initiator.
Date formats inside email notifications are now set according to the language of the email.
When filtering for pending tasks inside the Search or other task based views, the result contains now no overdue tasks.
Improvements have been made in relation to the Action Management process:
The Reminder dropdown has been removed. The Action Management uses the same task based reminder feature, similar to the other BIC GRC processes
The Responsible for Implementation must be different from Reviewer and Authority in Case of Escalation
The values inside the dropdowns Type and Status of Implementation have now a consistent order
Adding the dropdown Measure approval to Review Implementation task in order to track the result of the Review
Some layout improvements inside the forms
The following bugs have been fixed in this release
[BCW-2579] - Link inside task notification for the escalation task in “Action Management” process seems not to be functional in some cases
[BCW-3003] - Wrong date format in German email when delegating a group task
[BCW-3938] - Risk description not shown in the Risk Catalogue
[BCW-4107] - When the “Due date” inside “Action Management” is maintained, the “Review date” becomes mandatory to be after “Due date”, even if there is not “Review date” set
[BCW-4110] - When a user sets his new password inside the “password reset view”, the user is not forwared properly to his BIC GRC tenant
[BCW-4123] - BIC Process Design Connector uses the first available value of a mapped drop-down field when the attribute is not maintained in BIC Process Design.
[BCW-4206] - Wildcard “*” is written automatically in the “Search” text box after deleting a previous search term
[BCW-4346] - The calculation of “Risk expectation” fails, when “Impact (EUR)” exceeds 1.000.000.000.000.000
[BCW-4355] - When selecting a different page inside the risk/control “History” view or changing the page size, the view is not updated properly
[BCW-4393] - Installation manual is missing required parameter “referer” in specific endpoints documentation
[BCW-4511] - For some forms the submit dialogue message is not being shown
[BCW-4556] - Attached files during the “Re-assessment” task are visually duplicated
[BCW-4566] - When the scheduler tries to start a process with the same correlation ID the second time, an error stack trace is shown in the logs
[BCW-4578] - When the Risk/Control Catalogue is empty, a wrong “Loading..” message is shown
[BCW-4646] - JVM parameter configuration for KIE Server container is not effective
[BCW-4661] - During the “Risk Assessment” process, a second “Re-assessment” is not triggered if the risk is maintained as “Obsolete” after the first “Re-assessment” rejection
[BCW-4668] - Send message option inside the “Audit Trail” view uses processinstanceid instead of taskid in order to generate the task URL
[BCW-4697] - “Action Management” task is not triggered after changes in “Risk Rating”
[BCW-4701] - Access issue to webclient due to invalid token event after server restarted leads to a UI frozen inside the loading screen
[BCW-4721] - The email notifying the cancellation of a task refers to the task link but does not provide any URL
[BCW-4722] - When the Risk Catalogue is empty, inside the option panel the offered “Export-Options” overlap
[BCW-4786] - In some cases, the initials shown in userchips are calculated in a wrong way
[BCW-4801] - Placeholder not properly replaced inside task description for Risk assessment
[BCW-4870] - Wrong translations inside “Risk Control Matrix” excel files
[BCW-4879] - When the “Action Management” is launched as a result of a previous process or from the catalogues, some fields inside the Action Management Catalogue are not properly displayed
[BCW-4880] - Two columns inside the downloable Excel file of the Control Catalogue and the “Risk-Control-Matrix” are incorrectly referred to the “Test of Completeness”
[BCW-4884] - When “Action Management” is in the “Escalation” step, the corresponding “State” is not shown inside the Action Management Catalogue
[BCW-4897] - “Show controls” feature from the Risk Catalogue is not working properly
[BCW-4899] - When creating a risk through the “New Risk” process with a “Next Risk Assessment” date higher than 30D, the calculated “Review due date” is before the “Due Date”
[BCW-4900] - When creating a control through the “New Control” process with a “Next Test of Design” date higher than 30D, the calculated “Review due date” is before the “Due Date”
[BCW-4965] - During the “Registration of Controls” process, “Back to the previous editor” option turns certain optional fields into mandatory fields
[BCW-4974] - Filter facets are not displayed properly inside the mobile view when the width of the screen is lower than 600px
[BCW-4979] - Some Spanish field translations inside the Control Catalogue “EXPORT” are not consistent with the UI
[BCW-4980] - “Processes” and “Task owner” facets are calculated in a wrong way inside the “Running processes” when the user is an “Administrator” or “Supervisor” or “Participant”
[BCW-4982] - Name display issue in Action Management Catalogue
[BCW-4984] - When opening the MyBIC view, the initials of the user chips are not shown, until the user hovers with the mouse over one of the chips
[BCW-5113] - The color of group chips does not change when a group task is cancelled
[BCW-5141] - Multi-selection filters inside the Risk/Control Catalogues are restricting the number of facet values being displayed to 10
[BCW-5163] - Date-pickers inside the filtering for catalogues do not let the user manually introduce dates in the correct way
[BCW-5277] - Controls associated with risks are not being displayed when entering the “Show controls” view
Version 3.11.4
The following bugs have been fixed in this release
[BCW-5704] - A potential NPE inside the update analysis prohibit the proper update of risks/controls at the end of a GRC process.
Version 3.11.3
The following bugs have been fixed in this release
[BCW-5201] - BIC Design Connector import empty values when the mapped attribute is maintained in several languages but not the data transfer language, instead of resolving the next mapping for the given GRC field
Version 3.11.2
The following bugs have been fixed in this release
[BCW-5061] - Security improvement
Version 3.11.1
The following bugs have been fixed in this release
[BCW-4861] - One internal link inside the Help is not being rendered properly
Version 3.11.0
New features
Filters inside Risk and Control Catalogues are now displaying the total number of risks and controls that match each available facet value.
BIC GRC now automatically resolves inside BIC GRC processes which fields of a risk or control were modified during the process. Only modified fields will be used to update the risk / control at the end of the BIC GRC process.
A new Action Management Catalogue has been added into Applications: it shows dedicated entries for each active or finished Action Management process instance.
Users chips have been added into all the tasks related views in order to easily identify who is the owner of a task. Depending on the appearance of the chip, the user can distinguish if a task is assigned to a single user
or to a user group 
.The Operational Risk Management fields (Impact (EUR) and Probability (%)) are now optional inside BIC GRC processes.
A new chapter has been added into the Help: BIC Process Design Connector. This chapter covers the basic information and logic of the BIC Process Design Connector. As part of this, we explain the following topics:
Import of risks and controls from BIC Process Design
Update of risks and controls in BIC Process Design
Some hints regarding the system requirements
A new chapter has been added into the Help: BIC GRC Processes. This new chapter explains BIC GRC Processes in detail and, as part of this, it answers the following questions for each process:
Who is involved inside this process?
Which tasks are part of this process?
When and how is the Action Management process triggered?
The following bugs have been fixed in this release
[BCW-3947] - The appearance/design of “info” system messages inside the different views of the Administration area was inconsistent
[BCW-4051] - In some cases, the search service had issues to connect to the workflow service
[BCW-4106] - When a risk is rated as “Obsolete” all mandatory fields stay mandatory, instead of that in this case only the “Comment Regarding Risk Assessment” must be mandatory
[BCW-4112] - The user chips inside the “Audit trail” do not show the name of the user / user group as a tooltip
[BCW-4127] - Listed tasks on “My tasks” view do not show the assigned user
[BCW-4226] - Listed tasks on “My processes” view do not show the assigned user
[BCW-4227] - Delegated tasks do not show the assigned user in the “Delegated tasks” view
[BCW-4255] - When the “Action Management” is started based on a “Performance of Control” process, the “Review due” date is maintained with a wrong date
[BCW-4309] - When rating a control as “Obsolete” during the “Test of Design” process, some fields get empty when they should not
[BCW-4321] - When Action Management is started from “New processes” view and a file is attached inside the “Attachments to description” field inside the initial form, the process start fails
[BCW-4322] - When Action Management is started from “New processes” view, the description of the “Implement action” task is not properly created
[BCW-4543] - Generated technical docs show chapter numbers twice (doc and PDF)
[BCW-4544] - Generated technical docs (PDF) do not contain a table of contents
[BCW-4572] - Comments made to a single task card are not being shown
[BCW-4579] - When creating a risk with a user group as “Risk Owner” or “Risk Category Responsible”, a member of this user group with the role “Participant” is not able to see it inside the Risk Catalogue
[BCW-4580] - A “Participant” is not able to see the controls inside the Control Catalogue where he is involved in (only BIC GRC 3.10.0)
[BCW-4664] - A small typo inside the English risk details view
[BCW-4666] - Filters in Risk and Control Catalogues show wrong facet values for users with the “Participant” role
[BCW-4684] - When a user, who is logged in, changes his own email-address, the user is duplicated in the database (since 3.9.0)
[BCW-4685] - When the Action Management process is triggered as a result of a prior process instance, the “Link to Subject of Corrective Action” contains a /main reference
[BCW-4691] - “Options” and “Filter” labels inside Risk and Control Catalogues are not properly translated
[BCW-4692] - Endless loading bar when navigating from Search to a “landing page” view (e.g. “New processes”, “Help” etc.)
[BCW-4693] - Wrong label for the “Next Performance of Control” field inside the Registration of Controls process
[BCW-4732] - In some cases the user is redirected to the 404 error page, when accessing “Risk Assessment” tasks
Version 3.10.1
The following bugs have been fixed in this release
[BCW-5061] - Security improvement
Version 3.10.0
New features
Operational Risk Management fields are now available inside BIC GRC forms. It is possible to maintain the Probability in percentage for a risk and its Impact, and based on this, the Risk expectation will be automatically calculated. These new fields are also part of the available Export file and Risk Control Matrix.
Now it is possible to define a hint text for form fields that are shown when the field is editable.
Redesign of the Log in screen in order to be more aligned to the BIC Process Design product.
The following bugs have been fixed in this release
[BCW-3812] - Available values for the field “Control Effect” are not properly harmonized between BIC Process Design and BIC GRC
[BCW-3851] - Sometimes it is possible to set the due date of a task to a date value later than allowed
[BCW-3953] - Deleting files already attached to a form directly removes them from both Risk and Control Catalogues even without finishing the related task
[BCW-3958] - When creating a risk or a control through the New Risk and New Control processes, the “History” section inside both catalogues shows a reference to kieserver, instead of showing the initiator
[BCW-4035] - Some wrong labels inside the “New Control” process form
[BCW-4131] - Typos in some “Interval for…” and “Reminder” drop-down fields
[BCW-4270] - Vershion dashboard showing wrong names for GRC Search, GRC Solr and Help containers
[BCW-4273] - Performance of Controls process instances show any attachment related to other instances
[BCW-4276] - LDAP and SSO users are not created internally when they first log in (only 3.9.X)
[BCW-4317] - When an Action Management is started in the context of risks or controls, the define action task does not contain the proper reference to the risk/control name in all task list views
[BCW-4336] - User gets a notification on the task that says there is an older instance but has not link and is not accessible
[BCW-4350] - Excel exported files of both catalogues contain more risks and controls than the corresponding catalogues because of the search index being out of synch
[BCW-4351] - During the GRC search index creation, the system throws an exception when trying to index an empty field, instead of just handle this situation as an expected situation
[BCW-4357] - Based on the current deployment approach for a private cloud GRC system, the new online help is not accessible for such systems
[BCW-4400] - Error in email service trying to send email notifications to user groups which have no user
[BCW-4514] - When a Participant enters the Risk or Control Catalogue, he is able to see all risks and controls instead of only the ones he is involved in (only affected version 3.9.0)
Version 3.9.1
The following bugs have been fixed in this release
[BCW-4337] - Error during the reindex of risks and controls due to unexpected field value format
Version 3.9.0
New features
Users can now access the online help, which is integrated inside the Help area. It contains information and examples about BIC GRC main features, and also the Release Notes for each version.
It is now possible to filter the entries of the Risk Catalogue based on the risks properties. The filtering is located on the right side as part of the Options menu, which now contains two tabs:
Filter: When entering the Risk Catalogue, the filtering tab will be the active tab.
Options: This tab still provides the Export and Risk Control Matrix.
It is now possible to filter the entries of the Control Catalogue based on the control properties. The filtering is located on the right side as part of the Options menu, which now contains two tabs:
Filter: When entering the Control Catalogue, the filtering tab will be the active tab.
Options: This tab still provides the Export option.
The History view now looks similar to the corresponding Risk Catalogue or Control Catalogue.
The stock configuration of the write back mapping for the BIC Cloud Design Connector has been updated.
It is now possible to maintain user accounts in different tenants with the same email address.
The following bugs have been fixed in this release
[BCW-3566] - BIC Design Connector: Not supported diagram stereotypes lead to ERROR log entries instead of INFO log entries
[BCW-3571] - The available values of the “Risk rating” field in BIC Process Design are not mapped properly to the available values for that field in BIC GRC
[BCW-3715] - Some small typos in process names
[BCW-3728] - In some cases it is possible that “Analyst” or “Participant” roles are able to see more information inside the Search than their user roles are allowed to
[BCW-3791] - When uploading a file to “Attachments Regarding Risk Assessment” inside the New Risk process, the attachment is not shown in the risk Details afterward
[BCW-3813] - Test of Design of Controls not compilable with OpenJDK 11
[BCW-3848] - There were duplicated localization entries related to facets
[BCW-3849] - When the user is a “Participant” only involved into a control as “Execution of Control”, he cannot see the control inside the Control Catalogue
[BCW-3890] - Wrong german headline in MyBIC view in case of no tasks to be shown
[BCW-3892] - When navigating from Running processes to a landing page like New processes, a loading indicator appears in the header that stays, even if the view is finally loaded
[BCW-3895] - Flickering panel when switching between tabs inside Running processes
[BCW-3901] - During the indexation of a task, an error caused by empty data could break the search service
[BCW-3924] - Filenames not shown after submitting form: Related to permissions problem at the file service
[BCW-3937] - When trying to remove an attached file during the Action Management process that was just attached one process step before, an error occurred and the file could not be removed
[BCW-3944] - Some typos inside tasks descriptions with wrong punctuation marks
[BCW-3988] - Process listener is mandatory in processes to allow task listener to work, which may lead to problems inside customer-specific process definitons
[BCW-4036] - When a risk is connected to an activity in BIC Process Design, the connector only identifies EPC activities properly. Therefore only, in this case, the activity name appears as “Risk Context” in BIC GRC
[BCW-4124] - “Risk Rating” is not written back through BIC Process Design Connector
[BCW-4216] - When opening the details of a user group inside Administration - User groups, an error occured when there are users already in keycloak but not inside the internal user management (especially in case of a LDAP setup)
[BCW-4217] - Risk name and Control name are not shown properly inside task descriptions
Version 3.8.3
The following bugs have been fixed in this release
[BCW-3901] - During the indexation of a task, an error caused by empty data could break the search service
Version 3.8.2
The following bugs have been fixed in this release
[BCW-3907] - When using a customized process, it can happen that the tasks that belong to that process cannot be opened.
Version 3.8.1
The following bugs have been fixed in this release
[BCW-3896] - When Action Management process is started based on a workflow like Risk Assessment, the start failed, because the wrong version of Action Management process is used.
Version 3.8.0
New features
The Users section has been redesigned. The button for adding new users has been moved to the Options menu bar. Also, the current number of all existing users is now being displayed in the header bar, next to the breadcrumb.
The Risk Catalogue desktop view has been redesigned. The Export and Risk Control Matrix buttons are now available on the Options menu bar on the right side.
The Control Catalogue desktop view has been redesigned. The Export button is now available on the Options menu bar on the right side.
Users can now filter the tasks that are shown in the My tasks, My processes and Delegated tasks views. The available filter facets are similar to the already known facets from the Search view. Based on this new filter options, users can now distinguish in the My tasks view between tasks that are assigned to the user itself or assigned to a user group.
As a system administrator, it is now possible to deactivate and reactivate a tenant. A deactivated tenant is not accessible anymore.
Hint: Please consult the installation manual for further information.
The following bugs have been fixed in this release
[BCW-3316] - User service write in some cases misleading log error messages, which are not an error
[BCW-3409] - In some cases, tooltips on the Risk and Control Catalogues appear distant from its cell
[BCW-3560] - Chiplist in workflow forms are filtered by wrong containerId and processId but should not be filtered at all
[BCW-3563] - When changing “Risk Context Category” in Registration Of Controls process form, the “2nd Risk Context Subcategory” will not be reset, if it was maintained before
[BCW-3570] - A customer specific logo picture is not resized respecting the aspect ratio / the width-to-height ratio
[BCW-3571] - The available values of the “Risk rating” field in BIC Process Design are not mapped properly to the available values for that field in BIC GRC
[BCW-3585] - After uploading a file to a form, the filename is not shown properly if the form is opened in read-only mode
[BCW-3596] - Avoid to show sensitive information when logging messages
[BCW-3597] - When changing the due date of a task in MyBIC view, all tasks in the task list appear temporarily twice
[BCW-3598] - When opening a form, the check for previous instances takes noticeable long
[BCW-3599] - When an Action Management group task in process step “Define action” is claimed by a user, the descriptive line changes to “Define action” instead of still showing the initial descriptive line
[BCW-3600] - When Risk Assessment process is started automatically, the Re-assessment task cannot be reached
[BCW-3641] - TenantUUID is necessary for tenant creation, but is not mentioned in the installation manual
[BCW-3711] - Missing authorization control
[BCW-3712] - Password change without current password
[BCW-3713] - Remove unnecessary information from user service requests sent back to UI
[BCW-3717] - The facet value “Done” in the search facet “State” leads to an empty search result list
[BCW-3718] - Some english typo in the MyBIC view
[BCW-3719] - It is not possible to claim group tasks
[BCW-3786] - “My tasks” view do not show group tasks where the user belongs to
[BCW-3800] - Typo in descriptive line of Action Management (AM) task, if AM was created as a result of Risk Assessment process and the risk has the risk response “Transfer”
[BCW-3807] - When the “Control Effect” field is changed during Test of Design process, the changed value is not persisted properly inside the control
[BCW-3814] - Control Catalogue shows controls for one particular risk when navigating from risk details page directly into the Control Catalogue
[BCW-3818] - In some cases, error log entries in search service do not show a stack trace, when it should have one