Our latest release includes some exciting updates and additions—the Vendor Registry, a new "Reviewer" user role, and UX improvements throughout the platform.
Release Notes: Credo AI v2024.13.0
Date: 09-09-24
What’s New
Vendor Registry (Beta Release)
-
Track vendors in a Vendor Registry: Admin users can add, edit, and view Vendors as a separate entity on the Credo AI Platform in the new Vendor Registry.
-
Approve & reject vendors: Admins can approve or reject Vendors and have this status surfaced to all Use Cases using this Vendor—so any Use Case that’s making use of a rejected vendor is labelled as such and surfaced to the governance team.
-
Associate vendors with Use Cases: Information about Vendors can be surfaced and referenced when completing Use Case questionnaires.
-
Out-of-the-box Vendor Transparency Reports: The Credo AI Vendor Registry can come pre-populated with information about common enterprise AI vendors like OpenAI. If you’re interested in getting access to this content in your Credo AI tenant, please reach out to your Customer Success Manager.
Role Based Access Control
-
“Reviewer” role added to the Platform – we’ve created a new Platform-level role, the Reviewer role, which gives full visibility into AI Use Cases that are available in the Credo AI Registry but limited edit access. See more information about exactly what this Reviewer role can and cannot do compared to the “Admin” and “User” roles in the documentation here.
User Management
-
Add SSO users via API: Admins can set up integrations between Credo AI and an external tool to programmatically register SSO users to the Platform via API. For API documentation, please reach out to your Customer Success Manager.
AI Registry
-
Download Use Cases with questionnaire answers via the UI: Admins can bulk download Use Cases to/from the AI Registry with associated questionnaire information and associated custom fields. The data will be downloaded as a JSON file.
Governance Center
-
Hide or Archive Questionnaires, Policy Packs, and Controls: Admin users can now archive or hide old custom intake questionnaires, Policy Packs, and controls, which prevents them from getting applied to Use Cases moving forward but still stores a record of these governance assets for auditability.
Notifications
-
Notification Upon Use Case Registration: Once a use case is registered, its owner will receive an email notification alerting them to their new ownership and guiding them towards their next step: completing the questionnaire.
-
If use cases are registered via integration and API, folks can now set the
owner
property in theuse_cases
endpoint.owner
takes a user id or a team id, as well asowner_type
, which is eitheruser
orteam
. When the use case is created, the owner will be set from the API, and that user will receive the notification email. You’ll find the newuse_cases
endpoint below under API Changes and Updates.
-
Questionnaires
-
Full Questionnaire Title Exposed in Modal: When creating a use case from scratch, users can now see the full questionnaire title upon hover-over in the modal.
-
Autocomplete Questionnaire Tasks: We have removed the “Mark as Complete” button on questionnaire sections. Now, questions will be automatically marked as complete by the system as users work through their questionnaires.
-
On the home screen, users will still see tasks for questionnaire sections not yet complete, but they will no longer see a “Mark as Complete” button next to that task. Once the user selects that task and answers the question, that task will be marked as complete by the system and therefore disappear from their “Open” tasks on their homepage.
-
-
Assignee Details are Exposed on Questionnaire Section: Hover over an assignees icon on a questionnaire section to view their full name and team details.
UX Improvements
-
AI Assist Performance Enhancement: AI Assist risk scenario and control recommendations are now faster than before.
-
Warning when model-level controls applied to a Use Case with no models: users will now see a clear alert letting them know when there are model-level controls applied to a Use Case without any models, which will prevent those controls from being shown to the user.
-
Autosave improvement: users won’t be interrupted in the middle of entering information by the autosave functionality in the Questionnaire screen.
API Changes and Updates
-
Setting use case owners via API: PATCH
use_cases
now has a newowner
property. It takes a user id or a team id, as well asowner_type
, which is eitheruser
orteam
. Use this property to assign a user to a new use case as an owner via API. See the “Notifications” section above for more details.
{
"data": {
"type": "use_cases",
"attributes": {
"name": "Acme Fraud Detector",
"description": "",
"questionnaire_ids": [
"FIZZ+3"
],
"owner": {
"owner_id": "zwtuNS4KdfgKLSy2UghHdQ",
"owner_type": "user"
}
}
}
}
-
Creating custom fields on Vendor records via API: In our new vendor management APIs, use PATCH to create, update and delete custom fields on vendor records.
-
Evidence property rename: In GET
evidence
endpoints, thepolicyPackLinks
property has been renamed toassetsLinks
.