333 results found
-
Ability to automatically associate documents with requirement statements and PRISMA levels during bulk upload using a folder structure
When doing a bulk upload of documents (screenshots, workpapers, etc.) via a compressed zip archive using the bulk upload functionality, users should be able to automatically associate documents with requirement statements and PRISMA levels (e.g., policy) using a defined folder structure within the archive.
The folder structure can be something like this:
-- domain
--- requirement statement ID
---- policy
---- process
---- implemented
---- measured
---- managedDocuments present in these folders would be (a) uploaded, (b) associated with the requirement statement, and (c) tagged to the PRISMA levels
9 votes -
[BL] Control Reference labeled on Statements
Can we add an enhancement to add the control reference to the requirement statements layout. Like the below. People have a hard time of telling what the requirements are related to without the name. Example is the constant confusion on 09.x and 09.y controls. They are all e-commerce and online transaction but some of them do not have either of those terms within the statement so people think it is just a standalone control.
09.x Electronic Commerce Services
!1579275197061-0.png!11 votes -
[BL] Assessor Warning when assigned subscriber role
When a user belonging to an Assessment's Assessor is assigned a subscriber role, a warning message should be thrown to the user setting the permission that this user will not be allowed to do any validation work if this role is assigned.
12 votes -
Date of Submission should be when HT approves Assessment
Date of Submission should be when HT approves Assessment
9 votes -
Unlock Doc Repository when any Task are created during QA
Unlock Doc Repository when any Task are created during QA
2 votes -
[BL] Edit/Delete Diary Entries
Feature allowing a user to edit or remove a diary entry
10 votes -
Draft report automatic removal
MyCSF will automatically delete the draft report files 7 days after the final reports are posted.
5 votes -
Provide assessors the ability to revert entire domains back to clients
Provide assessors the ability to revert entire domains back to clients- even if the feature was only available when the status of the domain is "assessor review pending". This would avoid needing to request HITRUST to revert domains if clients accidentally hit submit too early.
8 votes -
Add Multi-Select of Requirements for Delegating Responsibilities
There needs to be a half-way point between the requirement statement and domain level for delegating responsibilities. It would be nice to have the ability to select multiple requirement statements within a domain and then delegate those statements rather than completing each one individually.
3 votes -
Control Category can be included as part of illustrative procedure or control requirement
Currently we cannot identify the control category for a particular control requirement. Subscribers who opt only for 3 month CSF subscription without reporting functionality, we cannot identify the control category. It would be helpful if the control category is included like other details like - Control unique ID, Level and illustrative procedures.
2 votes -
Custom API Endpoints
Allow a User to choose the Data points that they want returned in an API Call. MyCSF would then automatically develop an API path that returns the hand-picked dataset
4 votes -
Enhance CAP Notifications
Assign individual users to a milestone and notify of approaching milestone completion date. This would enhance the functionality of the CAP module to include milestone approach date.
2 votes -
External assessor timesheet should have drop-downs on the name fields
- Name fields on the external assessor timesheet should be drop-downs pre-populated with all of the assessor’s users who have access to that object (with the option to still manually type in a name if not in MyCSF).
- When selected, the CCSFP numbers should auto-populate as well.
7 votes -
Custom Tagging for Requirement Statements
The ability for customers to create their own tags on the Requirement Statements and sort/filter based upon their custom tags.
8 votes -
Show # of CAPs on CAPs page
The number of CAPs listed should be clearly displayed at the top of the "Corrective Action Plans" page.
8 votes -
Document replace functionality should also replace file's name (not just file contents)
The document replace functionality should also replace document's name (not just document's contents). Right now it appears to replace the document contents but leaves the old document name.
7 votes -
[BL] Documentation Request
Capability for Assessors to solicit their Clients to upload evidence into MyCSF for a given Statement.
7 votes -
Don't overwrite document metadata
When downloading workpapers / documents, MyCSF currently erases the file metadata. For example, when downloading a file the "date created" field gets overwritten to the date the file was downloaded from MyCSF. MyCSF should not mess with any document's metadata at all. I'd like to be able to see the original date created as well as all of the other original metadata associated with the file.
7 votes -
[BL] Diary Tagging
Functionality for someone to either select recipients or use the "@" symbol to quick search for them like Outlook. Any individuals tagged would be notified of a Diary concerning them.
The capability should also be present at the general Assessment level without being associated with an Assessment Statement.
External people should be able to @ HITRUST users that have commented previously in the chain.
5 votes -
Organizational info cleanup
The ability to edit and delete information for systems and facilities including the ability to removing them from "other" in order to keep organizational information clean.
3 votes
- Don't see your idea?