Release Notes: April 2026

The main dashboard has been completely redesigned with a customizable, widget-based architecture. Users can now personalize their dashboard by toggling widgets on or off, reordering them via drag-and-drop, and choosing from seven role-based templates (Developer, QA Engineer, Support Agent, Compliance Officer, Sales Rep, Manager, and All Widgets). Quick Actions have been moved to the top of the page for immediate access, and a new “My Work” widget shows issues, tasks, and tickets assigned to the current user. Five new widgets bring previously hidden data to the dashboard: Help Desk Overview (open tickets, SLA breaches, priority breakdown), Compliance Status (overall compliance percentage, framework health), Sales Pipeline (open deals, pipeline value, win rate), Upcoming Calendar Events, and Notifications Summary. Each widget supports collapse/expand with lazy loading, skeleton loading animations, and 7-day trend sparkline charts. An auto-refresh feature lets users set a 5, 15, or 30 minute interval that pauses when the browser tab is hidden.
The Diagram Builder received a major code refactoring that consolidated 18,800 lines of duplicated rendering code across the list, view, and edit pages into shared utility modules, making the codebase significantly easier to maintain and extend. Orthogonal connector routing was improved so that manually adjusted line paths are preserved when shapes are moved, and connector selection was fixed to work reliably. A new JSON export/import feature was added, allowing diagrams to be exported as structured JSON files (alongside the existing PNG and PDF options) and imported back into the application as new diagrams, accessible from all three diagram pages with full English, Spanish, and German language support. The JSON import pipeline includes comprehensive security validation on both the frontend and backend, covering file size limits (10 MB), shape and connector count caps, structural validation of all shapes and connectors, string length enforcement, numeric bounds checking, duplicate ID detection, dangling connector reference detection, and HTML tag sanitization to prevent XSS.
Fixed attestation progress showing 100% when no users have completed attestation. Policies with no assigned users or empty groups now correctly display 0% instead of 100%.
Added a Compliance Mapping section to the policy view page. When a policy has linked controls, the section displays each control with its identifier, title, and implementation status, along with the mapped requirements (showing reference code, title, and parent framework) and linked procedures. Requirement and procedure chips are clickable and navigate to their respective detail pages.
A new “General Business Policies” compliance framework template is now available alongside ISO 27001 and GDPR, giving business owners a ready-made set of 25 draft policies covering governance, HR, health and safety, IT, and financial operations, with 18 step-by-step operational procedures and 25 controls, all pre-linked. All three framework templates now scaffold operational procedures with practical step-by-step guidance (15 for ISO 27001, 15 for GDPR, 18 for General Business) and automatically create an “All Staff” user group with the relevant staff-facing policies pre-assigned, so after reviewing and publishing policies, you only need to add your team members to the group for them to receive attestation requests.
The User Groups dialog in the Compliance module has been enhanced with full policy visibility and management. When viewing a user group, the dialog now uses a tabbed interface with separate Details, Members, and Policies tabs, making it easy to see which policies are assigned to the group along with their status, category, and due dates. When editing or creating a user group, a new Policies tab lets you search, filter, and select policies to assign, with a token search bar that supports filtering by framework, status, and category. The policy category filter across the application (including the main Policies list page and the policy edit form) now dynamically derives its options from the categories actually in use rather than showing a static list, so categories like “Governance” or “Health and Safety” from scaffolded frameworks appear correctly. The General Business Policies framework has also been moved to the top of the scaffold template list for easier access.
ISO Mate now includes Sales Pipeline Management, giving your team a complete toolkit for tracking prospects from first contact to closed revenue. Create custom pipelines with configurable stages, capture leads and progress them through New, Contacted, Qualified, and Converted statuses, then convert them to opportunities with win probability and close dates. When an opportunity is ready, convert it to a deal with product line items, quantity, unit pricing, and discount calculations. Visualize your deals on a drag-and-drop Kanban board, manage a product catalog with price books for different markets, and link contacts to any record with roles like Decision Maker, Influencer, and Technical Evaluator. Connect tasks, calendar events, notes, and emails to any lead, opportunity, or deal for a complete interaction history, all tracked automatically in the activity timeline. Monitor performance with the Sales Dashboard, featuring pipeline distribution, weighted revenue forecasting, win rate tracking, conversion metrics, and a funnel summary across all three record types. Export leads, opportunities, deals, and products to CSV or PDF, and control access with granular permissions across Leads, Opportunities, Deals, Pipelines, and Products.
The Notifications page now uses the same token search bar found across all other list pages, replacing the old filter dropdowns with inline chip-based filters for status (read/unread) and category, complete with “is” and “is not” operators and date range filtering. Additionally, every token search bar throughout ISO Mate now remembers your filter selections. When you set filters on any list page (tasks, issues, notifications, test cases, deals, incidents, compliance, and more), navigating away and returning will automatically restore your previous filter configuration, so you never have to re-apply filters after switching between pages.
Fixed an issue where emails in the mailbox inbox could appear out of order after syncing by adding a stable secondary sort to prevent emails with identical timestamps from shifting position.
Notification sounds now have a 30-second cooldown to prevent rapid-fire alerts when multiple notifications arrive in quick succession. The first notification in a burst plays the sound as usual, and any further notifications within the next 30 seconds are silent. After the cooldown expires, the next incoming notification will trigger the sound again.
Fixed an issue where the AI Email Assist feature would fail with a validation error when including email thread context for draft generation, particularly with longer or HTML-rich emails like newsletters. The thread context is now stripped of HTML markup and trimmed to only the most recent message before being sent to the AI, significantly reducing payload size and improving response quality. A warning indicator now appears when the thread context is large and will be truncated. Additionally, the system will automatically retry with reduced context if the AI service encounters an error, rather than surfacing a generic failure message.
Issue descriptions with large or richly formatted content were being silently truncated when saved. The storage limit has been increased to support longer descriptions without data loss.
Fixed an issue where events synced from Google Calendar could appear on the wrong day for users in certain timezones, particularly those with large UTC offsets like New Zealand or South Africa. Also resolved a problem where removing individual occurrences from a recurring event in Google Calendar wasn’t reflected in ISO Mate, leaving deleted events still visible on the calendar. Additionally, deleting a single instance of a synced recurring event from within ISO Mate now correctly syncs the removal back to Google Calendar, so the event no longer reappears after the next sync.
Fixed an issue where Google mailboxes and Git repository connections (GitHub, GitLab, Bitbucket) would permanently disconnect after a single transient error, such as a network timeout or temporary API outage. Previously, any failed token refresh or API error immediately marked the connection as requiring manual reconnection, even when the underlying credentials were still valid. Connections now track consecutive failures and automatically retry on the next sync cycle, only requiring manual intervention after three consecutive failures. Successful syncs reset the failure counter, so brief disruptions resolve themselves without user action. Permanent errors like revoked tokens or insufficient permissions continue to disconnect immediately as expected.
Help desk agents can now select which shared mailbox to send ticket replies from, with the reply section adapting based on mailbox availability.
The workflow builder gains three new features for email triggers: an Email Classification condition that distinguishes new inbound emails from replies to existing tickets, an Extract Ticket References action that scans email subjects and bodies for ticket reference numbers using configurable regex patterns, and a Link Email to Ticket action that creates entity links between emails and matched tickets. Tickets created from email workflows are now automatically linked to the originating email, and linked entities on the ticket view page display with proper icons, labels, and clickable navigation for all entity types including emails.