RegScale 6.32.0.0

[6.32.0.0] 06-28-2026

Important Release Disclaimer

RegScale version 6.32.0.0 introduces a new and improved UI navigation experience.

Customers may choose to remain on the legacy UI; however, most new features and improvements are available only in the new UI.

Some bug fixes apply to both UI patterns, but not all enhancements are backward compatible.

To learn more about UI changes, refer to the transition guide:
RegScale v6.32 UI Transition Guide


Enhancements

AI Settings (Early Access)

  • Introduced a new RegML adapter allowing customers to connect RegML to their preferred LLM
  • Supports both cloud-hosted and on-prem LLM configurations
  • Enables secure use of AI capabilities while maintaining compliance controls
  • Early access feature — contact your account team to enable

Cause Codes

  • Added import/export capability for Cause Codes
  • Enables standardized categorization of issues across the organization
  • Improves issue tracking and reporting consistency

Compliance Settings Enhancements

  • New framework-based UI tailoring capabilities:

    • Hide irrelevant forms, tabs, fields, and exports per framework
  • Support for multi-framework selection

  • Dynamic UI updates when switching frameworks


Facilities & Organizations

  • Export and import JSON templates for:

    • Facilities
    • Organizations
  • Enables bulk onboarding and system-wide configuration of dropdown data sources


Catalog Enhancements

  • Catalog controls now support direct associations to:

    • Evidence types
    • Risk records
  • Enables cross-system reuse of catalog relationships

Evidence & Risk Linking

  • Added Evidence and Risk views within:

    • CRI Catalog
    • SCF Catalog
  • Users can now manage:

    • Suggested evidence artifacts per control
    • Risk register entries tied to controls

Catalog Importer Improvements

  • Performance improvements for large catalog imports
  • Progressive ingestion with real-time progress indicator
  • Pre-import visual preview of catalog contents

Compliance Explorer

Framework Network Graph

  • Visual graph of framework relationships
  • Interactive control mapping visualization

Mapping Explorer

  • Compare control mappings between any two frameworks
  • View equivalencies and relationships

Gap Assessment

  • Identify coverage gaps between frameworks
  • Switch mapping standards dynamically

Continuous Controls Monitoring Dashboard

Aggregate View

  • Unified compliance posture across all Security Plans
  • Risk plot highlights outliers

Attestation

  • RMF onboarding progress tracking
  • Filter by system, component, or organization

Assurance

  • Control assessment status (pass/fail/validity)

Remediation

  • Identify high-priority risks and vulnerabilities
  • Assign issues directly from dashboard
  • Supports KEV-based filtering and ATO status updates

Risk View

  • Risk cost analysis tool
  • Track mitigation burndown trends

Control Implementations

Kanban View

  • Control workflow visualization:

    • Draft → Pending Approval → Approved → Rejected → Re-Approval Required
  • Filtering by control family or owner

  • Search across all controls

Bulk Editor (Excel-Style)

  • Multi-select editing for:

    • Owner
    • Status
    • Responsibility
    • Source
    • Inheritability

Approval Workflow Automation

  • New workflow trigger capability
  • Automatically initiate approvals on control changes
  • Full audit trail in control timeline

Evidence Locker Dashboard

System-Level Views

  • View all evidence by:

    • Security Plan
    • Component
  • Includes status, owner, control mapping, and due dates

Control-Level Views

  • Search evidence by control
  • Consolidated evidence tracking per control

Drill-Down Enhancements

  • Access files, links, and mappings directly from records

Bulk Editor

  • Edit:

    • Owner
    • Due date
    • Approver
    • Status
    • Frequency

Evidence Module Enhancements

Evidence Versioning

  • Full file version history tracking

  • Download and review historical evidence uploads

  • Available at:

    • Evidence record level
    • System/component level

Multi-Framework Support

RegScale now supports:

  • Secure Control Framework (SCF)
  • Cyber Risk Institute (CRI)

Key Capabilities

  • Import SCF and CRI control profiles
  • Framework-specific evidence and risk mappings
  • Unified cross-framework compliance analysis

Framework Highlights

CRI

  • Financial services regulatory mapping (FFIEC, NYDFS, OCC, etc.)
  • Domain-based control structure

SCF

  • Unified control framework across 250+ regulations
  • Pre-mapped evidence types per domain
  • Can act as a bridge framework across compliance programs

🧭 Map Across Frameworks Workspace

  • Unified compliance posture across frameworks
  • Gap assessment for regulatory coverage
  • Cross-framework scorecard view

Navigation Enhancements

  • Replaced top/right panel navigation with unified left-side navigation

  • Faster access to dashboards and modules

  • Consolidated form toolbar actions

  • Centralized view of:

    • Tasks
    • Work items
    • Active processes

SSP Creation Wizard

  • Single-flow SSP creation experience:

    1. Name security plan
    2. Select compliance profile
    3. Choose catalog
    4. Select threat model (optional)
    5. Review summary
    6. Real-time provisioning progress

Optional Enhancements

  • FIPS 199 categorization
  • Control inheritance
  • Component association
  • AI Author (RegML SSP drafting)

Consolidated Issues View

  • Unified issue tracking per Security Plan

  • Supports:

    • Owner tracking
    • Facility-based issue aggregation
    • Milestone planning
    • Open task visibility

Workflow Designer Enhancements

Triggers

  • Auto-trigger workflows on:

    • Create
    • Update
    • Status change
  • Automates task assignment and process initiation

Digital Signature

  • Add digital signature step to workflows
  • Supports approval and audit requirements

Notes

  • Some features are new UI only
  • Legacy UI does not receive all enhancements
  • AI Settings is early access and requires enablement