In thinking through our product strategy and how we wanted to address the massive opportunity behind enabling customers to build trust on the internet, we saw more unsolved problems in the connections between vendors and their customers around data security and trust. We saw more traction and momentum with Rooms and Vendor Management as part of the trust network we hoped to build. At the end of May, we made the decision to spin out a new company (Conveyor) to focus on that opportunity. With this spin off and need to refocus our efforts came the difficult decision to sunset the Comply GRC product to ensure that we can deliver an excellent product experience through Conveyor with our trust-building tools and through Aptible with Deploy.
What is the future of the GRC product as supported by Aptible? How long can I continue using Comply GRC?
We will provide support for existing customers on Comply GRC through the end of their contract period. Beyond the end of their contract period, customers will have free access to Comply GRC until it is sunset in June 2022. Beginning immediately, we will be advising customers to seek out alternative GRC solutions. After the sunset, users will no longer have access to Comply GRC or legacy tools. If you would like to have a conversation about how to achieve your current use cases on alternative tools, we will be happy to schedule a call and provide recommendations on other training or GRC solutions. Please contact [email protected] to set up a time to speak with our team directly.
Deploy will continue to be fully supported and we will be investing more resources into Deploy to fill some of the gaps Comply has not delivered for Deploy customers today. Through listening to feedback from Deploy customers using Comply, we are evaluating what aspects of Comply GRC and the legacy tools we may bring into Deploy. For more information on this, please see our Compliance-Oriented roadmap. To share feedback with us directly about how we can continue to make Deploy a stronger tool for your team, please reach out to [email protected] to schedule time with us.
Our DPA Team no longer supports GRC requests. We recommend updating your GRC content in-app or exporting your ISMS and updating offline, with the ultimate goal of migrating and maintaining your ISMS outside of Comply GRC.
I have new asset data I need help loading in (devices, code repos, etc). Will your team help load that data since you don’t bulk import?
We do not support bulk data uploads at this time apart from the basic comma separated import we do currently support in-app. We recommend moving any additional content to a new solution.
We encourage our GRC customers to explore new GRC tools if they are looking for a long-term solution. Support on Comply GRC will only continue through the end of your contract period and training for new users will not be offered moving forward.
If a user needs interim training or support, they can reference our documentation site for assistance or reach out to support for specific questions.
I am in the middle of my audit and I am using your tool for evidence. How can I get all of that evidence out of the system for a future audit?
We recommend tying your evidence to request list items in your Audits tool and exporting evidence by type and purpose.
To export any content under the GRC section, click the “Export” button in the upper righthand corner of the policies, procedures, controls and frameworks pages. The same process can be followed for exporting all assets.
I need a specific integration because Comply GRC is my source of truth. Will you add more integrations? If not, can I leverage your API?
We will not be adding any new features or integrations to Comply GRC. While the API can be used to pull in any data you may need, we strongly recommend moving to another tool for compliance management.
I was planning to run UARs in Comply next quarter and don’t have time to change the process and internal communications. Will you support my team through this effort if they have questions on conducting UARs?
Support is provided through the end of your contract period. We are here to provide guidance in any continuing GRC functions, but we encourage customers to begin finding alternative GRC solutions as soon as any existing audits, assessments, or UARs are completed.
Please contact [email protected] if you experience any issues with integrations or SSO. Please refer to our documentation on integrations and SSO for guidance on configuring these services. Overall, we do not recommend our customers to dedicate further investment in Comply GRC and strongly recommend finding an alternate solution.
We have canceled all upcoming renewals which you will see reflected in the billing section of your account. Customers will have support through the end of their subscription period, and will have free access to Comply GRC until June 2022. If you would like to continue receiving support on Comply GRC past the end of your contract period, please contact [email protected] to enroll in a month-to-month paid support plan.
If you’re on a monthly/quarterly/bi-annual payment schedule, please reach out to us if you’d like to stop billing and end paid support. Otherwise, your Comply GRC contract will automatically cancel upon your renewal date.
The Deploy product will remain unchanged in this split. This spin off enables Aptible to invest even more resources into growing and developing Deploy in the months and years ahead. For more information on the Deploy product roadmap, please see the Deploy Changelog and the Deploy product vision for the future.
Conveyor will be developing and supporting Customer Trust Management and Vendor Management functionality including the Rooms, Questionnaire Response, and Vendor Management features for customers.
- Rooms - a sales enablement solution that helps compliance and sales teams build customer trust by allowing customers self-serve access to security documentation.
- Questionnaire Response - a solution that makes it easy to respond to security questions requested by customers and prospects. The future state is to support a questionnaire search and assistant tool that enables teams to complete these on their own using past questionnaire data and machine learning to ensure you are using the responses you are winning deals with.
- Vendor Management - a tool that helps customers evaluate the data security of their vendors by assessing their risk, managing the vendor lifecycle, and mitigating vendor risk. Simplify getting security information, determining if vendors are trustworthy, and automatically keep that information up-to-date.
Learn more at https://www.conveyorhq.com/.
We strongly recommend migrating to Conveyor on the free plan if you would like to continue to leverage the Rooms and Vendor Management tools. Customers are able to continue to use the existing Rooms and Vendor Management tools in Comply GRC, but should take note that these tools are now considered legacy versions and will not include any future product updates.
What if I want to move my Room and Vendor Management operations to Conveyor, but continue my GRC management in Comply GRC. Will the Conveyor team support me on GRC functionality?
Conveyor will not include a GRC system or provide support for Comply GRC. From this point onward, these are two separate tools supported by two separate teams. We strongly recommend seeking out an alternative GRC solution as Comply GRC will sunset by June 2022.
We will be sunsetting Gridiron and Compliance OS along with Comply GRC in June 2022. Please reach out to [email protected] for recommendations on other Learning Management Systems.
Updated 6 months ago