Skip to main content

Unicis Platform March 2026 Release: Controls Mapping, Notifications & REST API

Two March releases bring cross-framework Controls Mapping, a fully documented REST API, real-time notifications, three new compliance frameworks, and a range of security improvements.

Predrag Tasevski March 31, 2026 5 min read
Unicis Platform REST API OpenAPI Notifications Controls Mapping Statement of Applicability Task Management OWASP ASVS PCI DSS ISO 42001 Webhooks Security Release

March has been a productive month for the Unicis Platform. We’re shipping two releases — on March 7 and March 31 — that together bring cross-framework Controls Mapping, a fully documented REST API, real-time notifications, three new compliance frameworks, and a range of security improvements and bug fixes.

Release 1 — Controls Mapping (March 7, 2026)

Major Update: Controls Mapping

One of our most-requested features is now live: Controls Mapping across multiple frameworks and standards.

Security and compliance teams often work across several overlapping frameworks simultaneously — ISO 27001, GDPR, NIST, NIS2, MVSP, and more. Understanding how controls relate to each other has historically been a manual, error-prone effort.

With this release, the Unicis Platform makes that work visual, structured, and actionable:

  • Mapped control count — see at a glance how many controls are linked between frameworks
  • Detailed relationship view — explore the specific connections between individual controls across standards
  • Linked tasks — immediately see which tasks are tied to mapped controls, connecting compliance evidence to framework obligations

A new Controls Mapping Matrix gives teams a full visual overview of the mapping status between any two frameworks or standards — making it easy to spot gaps, overlaps, and shared coverage without toggling between spreadsheets.

Explore supported framework mappings in our Frameworks documentation.

New Features

Tasks

  • Export tasks in HTML, PDF, Excel, and CSV formats — share evidence with auditors or stakeholders in the format they need
  • Bulk import via Excel or CSV with task template support — standardize recurring compliance activities and onboard new frameworks faster

Cybersecurity Management System

  • The Statement of Applicability (SoA) can now be exported in HTML, PDF, and Excel directly from the platform, keeping it in sync with your control selections without any manual rebuild in external tools

Security

  • Updated Prisma and Next.js to their latest stable versions

Fixes

  • Fixed issues affecting Cybersecurity controls selection
  • Updated platform pricing display
  • Fixed issues in the Risk Management dashboard

Release 2 — Notifications & REST API (March 31, 2026)

Major Update: Notifications

Staying on top of compliance work now happens automatically. A new in-app notification bell keeps users informed with a real-time unread count. Notifications are also delivered over email and web push channels, with per-user preferences giving each team member full control over what they receive and how.

Notifications cover the following events — each independently configurable per channel (in-app, email, push):

  • Task due
  • Task created
  • Task updated
  • Task commented
  • Task deleted
  • File uploaded

Major Update: REST API

The Unicis Platform REST API is now officially documented and production-ready.

An OpenAPI 3.0 specification is accessible via Swagger UI at /api-docs. API access is secured via Bearer Token authentication — keys can be generated in Team Settings. All endpoints follow a consistent JSON response envelope:

{ "data": ..., "error": null }

The API covers the full breadth of the platform’s core modules:

ModuleDescription
TasksCreate, read, update, and manage compliance tasks
Cybersecurity Controls (CSC)Access and manage cybersecurity control data
Risk ManagementRead and update risk register entries
PIAPrivacy Impact Assessment records
RPARecords of Processing Activities
TIATransfer Impact Assessments
API KeysManage API key lifecycle programmatically
AI ChatbotIntegrate AI-assisted compliance guidance into your workflows

Webhooks: task.due_date event

A new webhook event fires whenever a due date is set or changed on a task — enabling downstream automation such as reminders, project tool sync, or dashboard updates.

New Frameworks

  • OWASP ASVS v5 — Application Security Verification Standard for web application security testing
  • PCI DSS v4.0.1 — Payment Card Industry Data Security Standard, latest revision
  • ISO/IEC 42001 — AI Management System Standard for responsible AI governance

Security

  • Bearer token verification: expiration checks and team-scoped access enforced on all API calls
  • SBOM (Software Bill of Materials) generated and published — supporting supply chain transparency and CRA-readiness
  • SAST scan on Bearer token handling — vulnerabilities reviewed and resolved
  • npm audit fix applied across all dependencies

Fixes

  • Fixed Team Create button missing from the Teams interface
  • Fixed Billing modal: country (en) key returning an object instead of a string

What’s Next

With Controls Mapping live and the REST API open, we’re focused on deeper integrations, automated gap detection, expanded framework coverage, and more notification and webhook event types. Follow our progress and share your ideas on the public roadmap.

Thank you for being part of the Unicis community. If you have questions or want to explore the new API with your team, reach out via Discord or contact us directly.

Sign up for a DEMO

Unicis Platform

Ready to automate your GRC workflow?

Join teams using Unicis to manage privacy compliance, cybersecurity controls, and regulatory frameworks — all in one open-source platform.

Get Started Free — No Credit Card View Documentation