-
New Policy Templates Released
New security templates are now availble. The first 15 policies in the new format are now available at the following url. Creation of new policies will continue to happen over the next couple of months and will culminate in a full set of security policy templates to fulfill the needs of most companies. These templates must…
-
The new NIST AI RMF 600-1 GAI Profile is now available in production
The new NIST AI RMF 600-1 GAI Profile is a full framework to conduct assessments against Generative Artificial Intelligence (GAI) implementations. The 600-1 GAI Profile is built off the 100-1 RMF and includes the same controls with enhanced guidance as to the requirements to fulfill for GAI installations in particular.…
-
The New CJIS v6 Assessment and Task Pack is now Live in Production
We have created a new assessment and task pack for the CJIS v6 framework within the product. The assessment was built off the framework controls and is structure to map one question in the assessment to one control in the framework. This give the assessment the same amount of questions (406) as there are controls within…
-
New in our Vendor Risk Manager: Smarter Vendor Data Ingestion
We just made it easier (and faster) to manage vendor risk—on your terms. With our latest update to the Vendor Risk Manager, you can: Upload your vendor lists in seconds: No more one-by-one entry Use your own vendor questionnaires: Bring your existing templates into Apptega to keep your processes consistent and customized…
-
CMMC v2.13 (the CMMC final rule) is now available!
April 23, 2025: We have now released the final version of the CMMC framework. The new version is v2.13 and we have published the framework, assessment, and task pack (level 1 and level 2). The final rule was published on October 14, 2024 and went into effect on December 16, 2024. While the rule went into effect on December…
-
The Knowledge Base Has Joined the Community!
Since April 1st, the Apptega Knowledge Base officially lives here—inside the Apptega Community. Why the move? Because it just makes sense to bring everything together: One search bar, everything you need – Find KB articles, feature requests, and user discussions all in one place. Ask questions right where you are – No need…
-
📝 📢 Fall Product Launch Event Recap!
We covered a lot in our fall product launch event, so I wanted to compile all the announcements for you to have them in one place... New Content: New Frameworks: ISO 42001, PCI DSS 4.0, NIST 800-171 Rev. 3, and NYDFS. (Released in 2024) Updated Frameworks: Virtually every framework we support, such as HIPAA, CIS v8, NIST…
-
Don’t miss our Spring Product Launch: Go Further 🧑🚀
The security landscape is shifting—services are getting commoditized, margins are shrinking, and one-off projects aren’t enough to keep a business afloat. Go Further, our spring product launch event on March 26 at 1 pm ET is your gateway to new playbooks, powerful innovations, and a partner program designed for long-term…
-
NIST 800-171 Revision 3 – Coming December 9th – What You Need to Know
The National Institute of Standard and Technology (NIST) released the final version of the NIST 800-171 Rev. 3 in May of 2024. The Department of Defense (DoD) released the new version of the framework to include new controls and guidance to better protect Controlled Unclassified Information (CUI). This new version is not…
-
📰 CMMC 2.0 in 2025 Discussion
Hello everyone! I recently read this Breaking Defense article that discusses the implementation of the Cybersecurity Maturity Model Certification (CMMC) 2.0. In the article they state: "The 32 Code of Federal Regulations (CFR) final rule, which lays the framework for CMMC 2.0, went into effect on Dec. 16, but the DoD won’t…
-
NYDFS 500:2023 Assessment and Task Pack is now Live in Production
The new NYDFS 500:2023 Assessment is now available for use. The assessment was created off of the framework and includes a 1 question to 1 control mapping. Each question was created off of the text of the control. Not all sections of the framework are included in the assessment due to the nature of the framework content.…
-
NIST AI RMF 100-1 is now Active in all Environments (5-30-2025)
We are proud to announce the NIST AI RMF 100-1 framework is now active and ready to use. The NIST AI RMF 100-1 is the outline for conducting assessments of AI of all kinds. It includes the content from the original published rule including all supporting content to not only provide the control, but also the supporting…
-
AI Policy template (Compliance Library in the Knowledge base)
Hi Apptega, Are you guys going to be creating an AI policy template for the Compliance Library within the knowledge base any time soon? Thanks, Raj.
-
Take Our 2025 Compliance Benchmarking Survey
Hey Apptega community, you're invited to participate in our 2025 Compliance Benchmarking Survey! Help us uncover the latest compliance trends by sharing your perspective in this anonymous 3-minute survey. Last year, Apptega published its inaugural State of Continuous Compliance Report, offering unique insights and…
-
Tip Tuesday: How-to use the Hour Tracker
Keeping track of how many hours your team is spending on compliance is a good way to identify inefficiencies and improve your workflows. Setting the Total Hours for a Framework Click on the Report tab in the Quick Links sidebar. Scroll down to find your Budget Tracker. Switch the tracker from the Budget tab to the Hours…
-
Tip Tuesday: Understanding Custom Frameworks in Apptega
Understanding Custom Frameworks in Apptega Custom frameworks in Apptega are designed to help organizations meet their unique compliance and governance needs. Unlike standard pre-built frameworks, custom frameworks allow businesses to define their own controls requirements which incorporate internal policies and regulatory…
-
Tip Tuesday: How-to Create a Questionnaire
Whether you're looking to create a questionnaire from a pre-saved template or create one from scratch, this Tip Tuesday has got you covered! Start by clicking on the Manage tab in the Quick Links sidebar and select the Vendor Risk Manager dropdown option. Switch to the Questionnaire tab in the Vendor Risk Manager page.…
-
Tip Tuesday: How-to Bulk Import Tasks
Streamline your task workflow by importing tasks in bulk with a simple upload of a Task Excel File into the Apptega platform! Click on the Manage tab in the Quick Links sidebar and select the Task dropdown option. Once you're in the Task View page, click the Download link underneath the Import Tasks button. This will…
-
Tip Tuesday: How-to Schedule a Report
Whether you want to set up recurring reports or make sure you don't forget to create a report in the future, the Scheduled Report feature has got you covered! Click on the Report option in the Quick Links sidebar or select the Report tile in your Home Page. Select the Framework you'd like to schedule a report for in the…
-
Tip Tuesday: How-to add Automated Recommendations to your Assessments!
Address any of your compliance gaps with Automated Recommendations! When you create an assessment and Add Recommendations, you can allow automated recommendations and select the Audience and the Level of Detail that you want the recommendations to have. Recommendations will be generated based on the answers that you…