88 results found
-
Comment on Factor if Technical/Systematic is No
If a Yes/No factor is set to No, a comment box should render adjacent to the field requiring the user to input justification
4 votes -
Add more dates to the QA progress report
The QA Progress Report should be updated to show much more dates. See attached suggestion: This basically adds those extra dates into the timeline where they fit, changes the term "assessor" to "external assessor", and (if possible) captures some of the key "done by" names.
3 votesThe assessment details page achieves this idea
-
Add the ability to filter the inheritance request by requirement, date, and customer
Add the ability to filter the inheritance request by requirement, date, domain and customer (requestor)
1 vote -
[BL] Identify Statements that are New since last Assessment
I would like to submit a suggestion for a future revision to MyCSF. Can you add a feature that allows users to identify requirements that are new since their last assessment
3 votesThis is now in place with the newly added preview changes feature available from the factors page
-
[BL] Ability quickly add files to a Document reference
Functionality that supports the importing of files and attaching them to pre-existing reference names.
3 votesThis is achievable today with a combination of the bulk upload and offline assessment template capabilities
-
QA Reminder Email
The system shall automatically send an email notification to Clients and Assessors that HITRUST is waiting for QA.
3 votes -
Provide a functionality to download all inheritance requests from Mycsf in CSV format
Provide a functionality to download all inheritance requests from Mycsf in CSV format. This will help CSP providers manage the inheritance requests queue, and will help with tracking and reporting.
1 vote -
Add a date to the inheritance requests queue
Within MyCSF, please add a date which shows when an inheritance request was created, submitted, approved, and applied. This will be especially helpful to track the review of the inheritance requests.
1 voteRequested date has been added to the Inheritance pages
-
Phasing out Password rotating requirement
The following requirement I believe will eventually be less common as companies are moving away from rotating passwords and might need to be inclusive of all methods going forward as password rotating will probably be slowly phased out.
ID: 1031.01d1System.34510 “The organization changes passwords for default system accounts, at first logon following the issuance of a secure temporary password, when there is a suspected compromise, and no less than every 90 days for regular accounts or 60 days for privileged (i.e., administrator accounts).”
It has been discussed for years now that rotating passwords leaves individuals more prone to have to…
1 voteGreat suggestion. This is addressed in v9.4 of the CSF and will continue to be reflected in future CSF versions.
-
MyCSF Reliance Tracking
This would leverage the MyCSF workflow and functionality for inheritance and extend part of it to reliance.
1. Add a button for 3rd Party Report Reliance to the UI for each CR
2. Allow update of 3rd party reports in bulk that identifies the documents as such and collects pertinent information about the report to include (type, issuance date, review period)
3. When reliance is used for a CR they would click the button and select which report from #2 is being relied upon.This will allow the interim selection process to exclude CR that used 3rd party reliance to…
1 votethis was included in the nov. 2020 release and will be enabled alongside the userforms and tasks functionality
-
Custom assessment's library builder has a NULL authoritative source
The custom assessment's library builder has a NULL authoritative source. It's confusing and misleading, as every requirement is tied to at least 1 authoritative source. This NULL option needs to come out. See pic.
2 votes -
Edit checks on "Organization Information" page
MyCSF should enforce edit checks on more fields within the "Organization Information" page within the "Admin & Scoping" area of an assessment. Specifically: (1) "TBD" shouldn't be allowed for any field, (2) The email address field should confirm that it's an email, (3) The phone field should confirm that it's a phone, and (4) the contact name field should confirm that there's at least once space present.
2 votes -
Format Match: Recreated Certified Assessment to match Pre-Assessment format of Original
The system shall ensure that the Pre-Assessment format of the recreated Validated Assessment matches the linked Original Certified Assessment.
0 votes -
[BL] Add note on Time sheet page
Add the following note at the top when assessor is completing the time sheet Please note that at least 50% of the total testing hours must be completed by a CCSFP
2 votesCompleted via a PQI focusing on this
-
[BL] Increase Character limit within the System & Facility tabs
the characters limits to the system and facility text area inputs should be increased.
front-end change that would throw a warning if someone had exceeded the limit.
2 votesFixed in the new webforms
-
[BL] Remove all Document columns within Offline Assessment Template
The system shall remove all Document columns within the Offline Assessment Template.
Description and Priority
The existing Offline Assessment Template should be updated to remove all document columns. Columns S-AB are the columns that should be removed.Rationale
The existing Offline Assessment Template should be updated to have no document columns.Dependencies
Offline Assessment spreadsheetStimulus
Updating the Offline Assessment excel spreadsheet.Users
System.1 vote -
[BL] Update all Assessor label to External Assessor
The system shall update all Assessor labels to instead reference External Assessor within MyCSF
2 votes -
10613 - CAPs Scheduled Completion Date Email
MyCSF should automatically send an email notification to all users permitted to manage CAPs (Account Admins or Manage CAPs == checked) within a MyCSF Account thirty (30) days before a CAPs scheduled completion date.
A content block should be created that allows HITRUST to change the notification. It should include variables for the CAP Id, CAP Name, CAP Scheduled Completion Date, and CAP POC
2 votes -
[BL] Configurable Roles
Ability to Create and Update roles by setting and modifying specific permissions within the app.
0 votes -
[BL] CAP Repo
CAP Repository belonging to an Organization. These CAPs can pertain to MyCSF Assessments or any external Source. They should be mappable to the Statements of Assessments.
0 votes
- Don't see your idea?