Bulk Checklist Upgrades in OpenRMF Professional v2.9

Dale Bingham
3 min readAug 26, 2023

One of the new features in v2.9 is the Bulk Checklist Upgrade feature. Many customers love the way that our solution lets them upgrade a checklist with a click of a button, and keep the older one for history. Customers have been requesting this related bulk feature for a bit. And now they have it! You can bulk upgrade checklists and have OpenRMF Professional track scores, history, notifications, and all the upgrades in the background nice and simple.

OpenRMF Professional v2.9 Introduces Bulk Checklist Upgrades!

Checklist Upgrade Process

Every quarter or so, the DISA checklists they use get updated with a new release or version. We add the public DISA checklists as templates to use for SCAP or DISA benchmark matching to create/update checklists in your system package. Or we let you add individually yourself.

When you open a checklist or pull up the report to show upgrades, it checks each checklist and then lets you click Upgrade to do it individually. It will copy the status, comments, details, and override info from old to new. Save the old historically. Update the latest one. Update the overall checklist score. Update the system package score. And then update any POAM entries. Automatically!

Now in OpenRMF Professional v2.9 you can do that whole process in BULK like the video below shows you. Select a group of them, click Upgrade, get back the screen to do other work while it upgrades in the background, and keep going on with your tasks. This has been requested for some time from our users. And now it is in there to use!

Matching to Checklist Templates

With OpenRMF Professional, we automatically match your current checklist based on type and version/release to what is in the Template area for that same type and release. And look for the latest version/release combination as well. Whether they are DISA checklists, CIS based checklists you create from reading an .audit file from Nessus/ACAS. Or if you create a custom checklist and update the version or release of that yourself.

Doing a bulk upgrade or individual upgrade takes the newer checklist and all vulnerabilities, and copies in data from the older one matching by vulnerabilities. Whether it was manual checks filled in or automated scan checks that filled the vulnerability data, the information is copied over. And the older one is saved historically. All data is tracked, audited, scores updated, POAM updated, etc. automatically in seconds.

And with the latest data now available, you can check for new “Not Reviewed” items that you need to answer to. And then edit or bulk edit those. Then rerun the compliance engine to see where you stand against your required cyber compliance.

Simply and easily. The same way every time.

System Package dashboard showing all pertinent data for accreditation

Free Evaluation — See For Yourself

As you can see from all this above, OpenRMF Professional v2.9 allows you to do so much more with the information you already have in your cyber compliance processes. And it does it automatically, giving you back precious time, money and resources.

This enables better cyber hygiene to reduce security risks and costs, as well as improve security posture. And it allows you and your team to track all projects, programs, and system level cyber compliance in your portfolio in one place.

Evaluate OpenRMF Professional for yourself and see how it helps you and your team achieve a faster ATO through automation. With consistent, repeatable results. Using the same team. With a LOT LESS stress on them! And letting your cyber engineers be engineers, not cyber administrators.

You can download a prebuilt OVA to quickly stand up a virtual machine on your computer or network. Or you can download the installation and set it up yourself on your own equipment.

We give you a 30-day license that fully unlocks the power of OpenRMF Professional. Check out our documentation, blogs, YT videos or even schedule a demo or quick conversation on your use cases and questions.

You have nothing to lose and everything to gain! Time is one of our most valuable resources. As are the people on your team. Get them the solution they need.

Get them OpenRMF Professional.

--

--

Dale Bingham

CEO of Soteria Software. Developer on OpenRMF. Software Geek by trade. Father of three daughters. Husband. Love new tech where it fits. Follow at @soteriasoft