Skip to content
Start the Conversation

More frameworks.

Cleaner records.

Sharper insights.

We've released a new set of updates that expand your framework coverage, streamline how you work with records, and sharpen your dashboards in BACKSTOP. 

 Built to Evolve, 

Just Like Your Risk Landscape.

 

New Features at a Glance

Add New Frameworks Anytime

Know where you stand on every compliance obligation, the moment you take it on.

Add a framework anytime and it maps to your controls automatically, giving you an instant read on your risk and compliance gaps across the standards you answer to, from SOX and C-SOX to COBIT, Z 246.1, SOC 2, and S211. d. 

Detail Panels for Controls, Processes, and Risks

Work with your records with more confidence and less risk of accidental edits.

Controls, Processes, and Risks now open in a clean read-only view, editing is a deliberate step with a clear save, and the actions you use most are easy to find. Sign-off and history now sit right at the top. 

 

Easier Control-to-Framework Maintenance 

Keep your control-to-framework mapping accurate without leaving your work.

Adjust the frameworks a control supports right from its detail panel using type-to-search, and see everything you have mapped grouped neatly by framework. 

Read more

Frameworks

Compliance monitoring has always been a challenge, especially when you answer to more than one standard.

This release makes it instant. Add a framework and it maps to your controls as it imports, so your position is visible right away and you can track several obligations at once, or each on its own. 

Operational impact

  • See your risk and compliance gaps the moment a framework is added

  • Take on a new obligation without rebuilding from scratch

  • Monitor multiple frameworks at the same time, or one at a time 

Read more

Detail Panels

Working with an object is more intuitive from the moment its panel opens.

The read-only default keeps you from changing things by accident, edit mode and a clear save step make changes deliberate, and a consistent layout across all three object types means there is less to relearn.

Sign-off and a full change history, in reverse chronological order, sit at the top of the drawer. 


Operational impact:

  • Review and update records with fewer accidental changes

  • Find sign-off and history without hunting through the interface

  • Keep a complete, audit-ready record of activity 

Read more

Control-to-Framework Maintenance

Automatic mapping gets you started, and this keeps maintenance just as easy.

When a control needs to map differently, you can adjust it on the spot, and grouping by framework makes it easy to see exactly what each control covers. 

Operational impact:

  • Keep your control mapping accurate with less effort

  • See at a glance which frameworks each control supports

  • Maintain multi-framework alignment as your program evolve

Every enhancement is designed to save you time—and  improve quality. 

Full Update Log

We’re always making changes to help you manage risk with more confidence.

Explore the complete history of updates below. 

Spring 2026 Product Release

Full Update Log - Spring 2026 Release

Here's a detailed look at what's new and enhanced in this release. From expanded framework support to a redesigned record experience and sharper dashboards, every update is designed to help teams manage risk with greater clarity, consistency, and confidence. 

 

Add New Frameworks Anytime

Adding frameworks to your account is now a core capability for every client. New frameworks can be added anytime, with imports that carry scope, criticality, and control mapping. The NIST CSF 2.0 framework is recognized automatically on import, and control-to-framework linking has been automated. Other frameworks will map automatically on import as well.  

Benefit: Imports that arrive structured and ready to use. Compliance monitoring has always been a challenge. Multiple concurrent frameworks or individually with one click. Compliance requirements for SOX/CSOS, COBIT (ITGCs), Z 246.1 Critical Infrastructure, SOC2, S211 Forced Labour, etc.  

 

Linking Controls to Frameworks

You can now link framework items directly from the Control detail panel using type-to-search, with linked items grouped by framework under their own sub-tabs. 

Benefit: Faster, clearer maintenance of control mapping to frameworks.

 

Detail Panels for Controls, Processes, and Risks

The detail panels for Controls, Processes, and Risks now open in a clean read-only view by default, with a dedicated edit mode and a clear save step. Actions are easier to find, and the layout is consistent across all three object types. 

Benefit: A more predictable, intuitive workflow when reviewing or updating records. 

 

General Enhancements

You no longer have to search to sign-off or review object histories. These features are now front and center at the top of the object drawer when accessed.  

Change history now applies across all objects in reverse chronological order, so the most recent activity appears first. The Controls list has also been refined so signed-off controls stay consistently in view. 

Benefit: A complete activity record for review and audit, with a smoother day-to-day experience. 

Winter 2025 Product Release

Full Update Log – Winter 2025 Release

Here’s a detailed look at what’s new and enhanced in this release.

From expanded dashboard visibility to more efficient assurance execution, every update is designed to help teams manage risk with greater clarity, consistency, and confidence.

 

Dashboards

Dashboard capabilities have been expanded to support deeper exploration and more informative reporting across risks, controls, and frameworks.

Drill-down views now provide greater visibility into control coverage, outstanding framework items, and alignment status. Cyber posture views now highlight the criticality of outstanding items and align directly to the primary categories of the NIST CSF 2.0 framework. Control Effectiveness, Assurance Status, and risk views now work together more cohesively. 

Benefit: Clearer insight into control coverage and framework alignment, with dashboards that support real decision-making and confident reporting.

 

Self-Assessment Questionnaires (SAQ)

The SAQ experience has been further enhanced to provide clearer context, smoother workflows, and more efficient review from launch through submission.

Additional context is now visible in the control list at launch, including the last assessed date and control testing frequency. Workflow clarity has been improved to support intuitive progression. Notification and delegation emails now include direct links to user control assessments. Requests for control evidence only appear when applicable, and the administrative response view has been refined to improve readability and provide more room for control owner comments.

Benefit: Faster assessment execution, clearer ownership, and more efficient review with less follow-up overhead.

 

Frameworks

Framework alignment views have been enhanced to surface clearer insight into scoped items, control linkage, and outstanding alignment activity.

Framework metrics now reflect meaningful alignment based on scoped items, gap identification and criticality, supporting a more informed view of readiness.

Benefit: Stronger visibility into framework coverage and clearer prioritization of alignment efforts.

 

Out-of-the-Box Ready

Introduced a pre-built system of IT processes, risks and controls available from day one that we connect to chosen frameworks. 

Benefit: Get operational in days, not months, with a structured starting point instead of rebuilding from scratch.

 

General Enhancements

Across the platform, UI consistency, formatting, and validation behaviours have been refined to reduce friction and improve reliability.

Benefit: A smoother experience overall, especially during high-pressure assessment and reporting periods.

Fall 2025 Product Release

Full Update Log – Fall 2025 Release

Here’s a detailed look at what’s new and improved in this release.

From tighter assurance workflows to smarter reporting, every change is designed to make BACKSTOP faster, clearer, and more connected.

 

Assurance Model

We’ve launched BACKSTOP’s new Dual Assurance Model, combining full assurance and self-assessment into one flexible framework.

Benefit: Choose your approach based on timing and rigor — run independent assurance for audit-grade validation or self-assessments for speed and efficiency.

 

Controls

Control management just got smarter. New fields for Control Self-Assessment, Evidence Required, and Control Objectives connect assurance results, evidence, and intent in one view.

Benefit: Streamlined traceability, consistent documentation, and stronger accountability across every control owner.

 

Risks

Risk records now include a Financial Impact field and a full history log that captures the reason behind every change.

Benefit: Greater accountability, better visibility into how risk ratings evolve, and more reliable audit trails.

 

Frameworks

Framework management has been upgraded with a Framework Item Criticality field and enhanced scoping and testing views.

Benefit: Focus your efforts where they matter most — prioritize critical framework items and track testing progress with confidence.

 

Reporting

New reports have been added to make performance monitoring easier than ever:

  • Process-Risk-Control (PRC) Report: See how processes, risks, and controls connect.

  • Control Testing Status Report: Track control test progress and results in real time.

Benefit: Improved visibility and communication of control effectiveness across teams.

 

General Enhancements

BACKSTOP's core architecture continues to evolve with tighter integrations between modules — including assurance, controls, frameworks, and dashboards.

Benefit: Smoother workflows, reduced duplication, and a more cohesive user experience overall.

 

 

 Start Building Risk Confidence 

From dashboards to audits, see how BACKSTOP helps your team stay ahead.