-
Option to NOT include attachments from previous certification in the next assessment object
When creating a new assessment object AFTER already having been certified (i.e., in a re-certification scenario), MyCSF should have an option to include or NOT include the documentation linkages present in the previous assessment object.
18 votes -
Notification saying Interim report has been issued
Currently we receive an email saying "you have received 1 notification in MyCSF" and that notification in MyCSF states "You've been assigned to assessment: The Company Interim." It'd be great if the notification specifically said that the interim letter was posted.
12 votes -
Offline template for CAPs
Template would allow subscribers to populate CAP data in excel and upload to MyCSF
9 votes -
External Inheritance
For External Inheritance
I suggest someone at HITRUST look into changing the External Inheritance workflow. The current process is extremely cumbersome. When a control is identified the entire assessment has to be flipped back to the entity being assessed. Why not make this process unique & independent? Make each control able to be sent for External Inheritance separately.
Currently we are in the QA process & our external assessor is reaching out to us due to HITRUST stating a single control needs to be assigned for External Inheritance. Only problem is it looks as though the entire assessment will have…
5 votes -
Suggestive Factor Changes
MyCSF should have a mechanism to suggest scoping factor changes based upon a pattern of Not Applicables applied when responding to the Assessment
4 votes -
43 votes
-
Display scoring weights in use on the assessment page
MyCSF should display the scoring weights that are in use for the assessment object on the assessment page to avoid confusion around which weights are being utilized.
6 votes -
Show QA queue status or wait time
Similar to waiting for DMV or to see a doctor, continually show assessment status. For example, state there are 30 assessments ahead of our submission, and update as our submission moves up the queue. Or show submitted assessment has an estimated 8 weeks to be viewed by QA assessor and adjust as the assessment gets closer to being viewed. It would be helpful to know this.
4 votes -
Use different contrasting colors for the two options below, please. Response Status: External Assessor Review Complete Response Status: Ext
Use different contrasting colors for the two options below, please.
Response Status: External Assessor Review Complete
Response Status: External Assessor Review Pending4 votes -
assessor agree
for N/A requirements, change to a single "agree with N/A"
6 votes -
Ability to store assessment documentation in the customer's cloud environment
An option to configure an assessment's documentation (workpapers, audit evidence) to reside in the client's cloud hosting provider instead of in MyCSF's default storage location, such as:
- Client's box.com
- Client's S3 bucket
- Client's Google drive
- Client's SharePointThis would require the client to grant the MyCSF application access into a specific area in their cloud environment. This would be very beneficial to customers who don't want to allow assessment documentation to leave their controlled environments.
This would also require MyCSF to store assessment documentation in a folder structure that can be navigated with something like Windows…
31 votes -
Make unique IDs readily apparent throughout MyCSF and within Reports and Analytics.
Unique IDs should be apparent throughout MyCSF and within all reports and analytic tools. For example, a user should not have the click on the "Expand" button within the Assessment to view the unique IDs. Unique IDs should also be available when linking documents, rather than trying to match up the statement language. All reports and analytic tools should reference unique IDs when presenting material by requirement statement.
30 votes -
Why is this a CAP
Within the UI when something is a CAP add a button that would show why something is a CAP. This would need to include the math behind the requirement and/or control reference.
3 votes -
Assessment-wide search capability
A search bar present in the "Assessment" page which searches the entire assessment for the given search term. The only search capability currently present are in the documents repository, and it only searches the document descriptions and document names. This new assessment-wide search should consider:
- customer comments
- assessor comments
- requirement IDs
- requirement statements
- document names
- document descriptions
- CAP responses
- diary entries
- scoping factor responses
- (pretty much everything entered in an assessment)3 votes -
Sort requirements by Unique ID
It would be great if there was an option to sort/filter requirements based on the Unique ID, not just the level or control.
25 votes -
Requirement statement text in "linked statements for" modal should be a hyperlink
In the modal accessible from the general documents page used to show the requirement statements that are linked to a particular document, the requirement statement text should be a hyperlink leading to that requirement statement. See pic.
3 votes -
The ability for users to remove inheritance was submitted to the assessor
Currently, there is no way for users to remove inheritance or inheritance requests once submitted. If the auditor tests it, and finds that inheritance is not appropriate, there needs to be an easier way to remove inheritance rather than requesting from HITRUST support.
19 votes -
Separate discretionary factors from mandatory factors
I'd like to see the scoping factors that are optional / discretionary (namely the regulatory factors) clearly labeled as such, or even moved into their own page containing a disclaimer that they are optional. For the rest of the factors (which MUST be accurate), I'd like to see them clearly labeled as such or on their own page with a tagline describing that they must be accurately entered.
32 votes -
In the MyCSF evidence "folder" list view, it'd be very handy to sort by upload date.
In the MyCSF evidence "folder" list view, it'd be very handy to sort by upload date.
2 votes -
Function to allow External Assessors to agree/disagree with inheritance weights
For requirements involving inheritance, there should be a button where the external assessors can either agree with the selected inheritance weight or disagree and suggest a new inheritance weight, similar to what exists for the maturity level scores. Rejecting the weight would send the requirement back to the client.
2 votes
- Don't see your idea?