Help Center
News
Help Center
News
Sign in
Document
Documents & PoliciesQuestionnairesControls & Technical and Organizational Measures (TOMs)Report ExplorerAsset RegisterFrameworksRecord of Processing Activities (ROPA)Exporting your ROPAVendorsImpact Assessments (IA)Legitimate Interest DocumentationsMeetings & ActivitiesRetentions & Deletions PeriodsData Collection Point (DCP)Add documents to vendors
DPIA
Assessments
ROPA
Assets
International Standards & Frameworks
TOMs & Controls
Categories & Attributes
Data Collection Points
Legal Basis
Legitimate Interest
Documents & Policies
Retention & Deletion
Data Flow
Vendors
Questionnaires
Manage
Process Risk OverviewData Flow Map
Dashboards
AI Assistance & Automation
Projects
Tasks
Meetings & Activities
Workflows & Automations
Reporting
React & Resolve
TasksProjectsIncidents & BreachesData Subject Requests
Risk Scenarios & Treatments
Incidents & Breaches
Release Notes
Q2 2026
Q1 2026
Q4 2025
Q3 2025
Release 277 (02.08.2025)Release 278 (04.08.2025)Release 279 (09.08.2025)Release 280 (18.08.2025)Release 281 (20.08.2025)Release 304 (24.08.2025)Release 305 (26.08.2025)Release 306 (28.08.2025)Release 307 (29.08.2025)Release 308 (01.09.2025)Release 309 (06.09.2025)Release 310 (08.09.2025)Release 311 (09.09.2025)Release 312 (11.09.2025)Release 313 (12.09.2025)Release 315 (17.09.2025)Release 316 (19.09.2025)Release 317 (26.09.2025)Release 319 (28.09.2025)Release 322 (30.09.2025)Release 270 (06.07.2025)Release 271 (11.07.2025)Release 272 (15.07.2025)Release 273 (21.07.2025)Release 274 (25.07.2025)Release 275 (26.07.2025)Release 276 (02.08.2025)Release 302 (15.08.2025)
Q2 2025
Q1 2025
Q4 2024
Q3 2024
Q2 2024
Q1 2024
Q4 2023
Q3 2023
Q2 2023
Q1 2023
Q4 2022
Q3 2022
Getting Started
Quickstart GuideQuestionnairesTasksProcess Risk OverviewIT SettingsFrameworksThe Information Security / Asset Risk ModelData Subject RequestsDownloading an elementLegitimate Interest DocumentationsAssigning Audiences to ElementsDocuments & PoliciesControls & Technical and Organizational Measures (TOMs)General SettingsCreating attributes that fit your industryDocument list for onboardingThe Data Protection Risk ModelIncidents & BreachesProjectsManaging audiencesAdd documents to vendorsHow to answer an assessment/questionnaireSetting up the first organization or companyData Collection Point (DCP)Use AI to create elementsSetting Risk models in General SettingsSharing ElementsHow can a user change the language?Data Flow MapRecord of Processing Activities (ROPA)Time MachineCreate and evaluate assessments Company Widget FeatureAsset RegisterVendorsImpact Assessments (IA)Creating organizational unitsExporting your ROPAMeetings & ActivitiesTerms for legitimate processingRetentions & Deletions PeriodsHow to create a new user and how to change the password for loginReport ExplorerMaturity modelAdding risk scenarios to assets or asset groupsRelevant Risk SzenariosPriverion GRC Platform overviewDocument list for onboardingHow can a user change the language?Setting up the first organization or companyCreating attributes that fit your industry
User account
Sharing & Group functions
Features
How-To Guides & Tips
Get Help
Legal
Settings
General Settings
Compliance settings
Identity and access management
IT Settings
Risk Settings

Release 270 (06.07.2025)

Release 270 introduces a comprehensive role-based access control (RBAC) system, giving administrators fine-grained control over what each user role can see and do across the entire platform.

New Release

Version: 270
Release Date: 06.07.2025 19:00 CET

Overview

This release delivers a major expansion of the permission and role management system in Priverion DPMS. Administrators can now create fully customisable roles with granular read, write, and "only assigned" access rights across every module. Alongside this, a range of smaller improvements and fixes have been applied throughout the application.

Contents

  • What's new
  • Improvements
  • Fixes
  • Known issues

What's new

Role-Based Access Control (RBAC) — Custom Roles

A fully redesigned Roles section is now available under IT Settings. Administrators can:

  • Create custom roles with a dedicated creation screen, including a "Select all" column for quickly granting permissions across an entire module.
  • Define granular permissions for each role: read-only, read/write, or access limited to elements the user is personally assigned to — across all major modules including ROPA, Assets, TOMs, Incidents, Vendors, Projects, Assessments, Documents, Tasks, Workflows, and Settings.
  • Delete custom roles directly from the roles list; system roles remain protected and cannot be deleted.
  • View assigned users for each role: the roles index table now shows which users hold a given role.
  • Filter roles by type (system or custom) in the roles list.

Permission Enforcement Across All Modules

All screens in the platform now respect the permissions defined in the user's role. Concretely:

  • Add, edit, and delete buttons are hidden or disabled when the user lacks the required permission.
  • Import/export actions are controlled by dedicated import and export permissions.
  • Workflow triggers are governed by workflow-specific permissions.
  • "Read only to assigned" mode restricts a user to viewing only the records they are personally responsible for, in modules such as ROPA, Assets, Vendors, Incidents, and more.
  • The 403 error page has been improved to give clearer guidance when a user accesses a page they do not have permission to view.

Assessment Template Workflow Warning

When an assessment template is already in use by one or more active workflows, the system now displays a clear warning before allowing changes, preventing accidental disruption to running processes. [NG-4583]

Relevant TOMs Validation

The "Select all relevant" button in TOMs now includes validation: if required fields are incomplete, the button highlights the missing items and shows a tooltip explaining what needs to be addressed before proceeding. [NG-4553]

Improvements

  • Roles index — The table now displays user counts and a name-with-logo cell that visually distinguishes system roles from custom roles.
  • User Management — Create/Edit user — The role assignment UI now reflects the updated RBAC model and shows available roles in a cleaner layout.
  • Checkboxes in role creation — Checkboxes now highlight in red when a validation error is present, and return to normal once the user interacts with them, giving clearer feedback during role setup.
  • Permissions sorted — Permission options in the role editor are now sorted alphabetically for easier navigation.
  • Navigation / Quick Nav filter — The quick navigation search now correctly filters results, improving findability across large datasets. [NG-3850]
  • Tabs — Tab menus throughout the application have been refactored to support drag-and-drop reordering and arrow-key navigation when there are many tabs.
  • Vendor form — Back-navigation after saving a vendor record now correctly returns the user to the expected previous screen.
  • AI autogenerate — The AI field auto-generation in ROPA now correctly supports multiple responsible persons. [NG-4619]

Fixes

  • ROPA — Fixed an issue where a "forbidden" message was incorrectly displayed for users with valid ROPA access. [NG-1681]
  • Roles — Fixed a bug where saving a custom role's permissions did not persist correctly. [NG-1681]
  • Roles — Fixed an error that occurred when creating a company with a user assigned a custom permission set. [NG-1681]
  • Sharing / Publishing — Fixed an error when saving sharing settings and validating permalinks. [NG-1681]
  • User Management — Fixed the roles list not displaying correctly in the user management screen. [NG-1681]
  • Data Mapping — Fixed a Redux state selection error affecting the data mapping view. [NG-1681]
  • Deleted items message — Fixed a bug where a "deleted items" notice was shown even when no items had been deleted.
  • Checkbox alignment — Fixed vertical alignment of checkboxes in the user creation form.
  • Role sorting — Fixed an error when sorting roles by name in the roles list.

Known issues

No known issues.

Feedback and Support

We value your feedback. If you encounter any issues or have suggestions, please contact our support team:

  • Schedule a Meeting: Via the Help Widget
  • Give Feedback with Screenshots: Via the Feedback Button in the Help Widget
  • Schedule a Support Call: Here
  • Schedule a Technical Support Call: Here

Was this article helpful?

English
Powered by Product Fruits