340 results found
-
Expand the Authoritative Resources for Source Mapping to include ENS for Spain
Expand the Authoritative Resources for Source Mapping to include ENS for Spain. AKA: Certification of Conformity with ENS (Esquema Nacional de Seguridad)
1 vote -
Remove delegate but not the scores
If a control has multiple delegates and the scoring is completed by one of the delegates, removing all delegates from that control should not remove the scores that were previously set.
1 vote -
Bulk remove delegates
It would be nice if there was a way to remove delegates from an entire domain without going through each control one by one.
1 vote -
Show maturity when multiple people are delegated to a control but not completed
Currently, If there are multiple people delegated to a control, the entire domain maturity does not appear in the "Domains by Average Maturity " report even if one of the delegates have entered their scores. I feel that the report should show the maturity in its current state to give a more accurate picture of all domains so that decisions can be made for additional worked needed to be performed. For example, I have 2 people deleted to a control. Delegate #1 enters values of policy 100%, procedure 0%, implementation 100%, measure 75%, manage 0% and delegate #2 is working…
1 vote -
Policies and Procedures Template per CSF version
Build a Template Policy and Procedure Set for each MyCSF version. Everyone is wasting time and often misaligned when building policies, procedures, standards, guidelines, and plans to comply with HITRUST. I (and I'm sure others) would value HITRUST creating a compliant set of Policies and Procedures that we can implement with minor changes. Either build in a reference section to each document (that shows the MyCSF control it is addressing) or provide a master index, liked HITRUST and other frameworks. While the policy and procedure sets till needs to be audited and certified, it shifts the focus to certifying at…
2 votes -
Make the help site more apparent
The https://help.mycsf.net/ page should be front end center in the 'Need Help?' box on the side of the portal and/or a menu item at the top.
1 vote -
QA and Support Work together
It would be helpful for Tasks to come back in a state that can be edited. Most of the time the QA sends something back that needs edited, and the Control is locked. When you attempt to get with support to help you fix it, it is a prolonged process with a lot of back and forths and delayed responses. QA and Support need to work together if the tasks are going to come back where Support needs to be engaged.
4 votes -
Offline for Interim
Offline assessment for Interim
1 vote -
Can we get access to the Offline assessment for the interim assessments
Can we get access to the Offline assessment for the interim assessments
1 vote -
in document descriptions when entering docs into Hitrust it is fine if you link to a document already uploaded but you should be able to add
you should be able to add individual description in different sections of CSF to a document that already exist... as the same document may address different controls.. having to use the same description can be confusing... descriptions for a document should be able to be different in different sections of MYCSF
1 vote -
Allow us to download v.9.6
We see 9.6 in the dropdown box but I cannot select it.
2 votes -
Scope of the Assessment - Description on Access
Description of how the Systems are Accessed by all parties should be a separate column and not embedded in the Description portion. It is not intuitive that Access is part of the Description. Access is a separate attribute and should be treated as such.
2 votes -
Glitch: When updating score dropdown, if Save is clicked just after, the score is not preserved
Glitch: When updating score dropdown, if Save is clicked just after, the score is not preserved
3 votes -
GAP Report
When generating a GAP report those controls that are associated with a CAP should be identified in the report as CAP required not just as a GAP.
11 votes -
Add Illustrative Procedures to the Assessment Report (Column)
Add CVID & Illustrative Procedures to the Assessment Report (Column)
7 votes -
Include Inheritance reports in the Analytics tab.
It would be beneficial to include the ability to export a list of all inheritance and their associated properties for an object to a CSV/Excel document from the Analytics report tab.
3 votes -
Pre-Populate Information in Assessor Timesheet
Populate the Engagement Executive & CHQP on the Assessor Timesheet based on what is entered on Name & Security page. Additionally, have a dropdown for names of assessors and auto-populate CCSFP numbers when selected.
3 votes -
Business Associate Domain 19
Can there be an additional risk factor question for business associates that asks whether they have any responsibility for handling ePHI/PHI requests from end users/consumers (e.g. disclosures, restrictions in writing)?
Domain 19 has many requirements that are focused on covered entities, and if a BA can confirm they would never be involved in the handling of ePHI requests from end users/consumers I think it would remove several requirements that wind up being N/A and would provide clarity during QA.
5 votes -
HITRUST QA Tasks for External Assessor
It would be helpful to be able to export to excel HITRUST QA tasks with the Assessment Task pop-up details, including the full text of the latest HITRUST Comment and corresponding BUID for the control.
4 votes -
Add a Person
How do I add a person under people management
4 votes
- Don't see your idea?