262 results found
-
1 vote
-
Ability of assigned assessor to bulk download customer or assessor documents
Please return the bulk download functionality. This is very useful at multiple stages of an assessment, especially for text searching and opening multiple documents at once on multiple monitors. -
- update permissions set for assessors assigned to a subscriber's validated assessment object to do bulk download of the mapped documentation whether loaded by customer or assessor.1 vote -
Add a HITRUST ID column to the HITRUST QA Task Listing in MyCSF (where applicable)
It would help assessors if the unique ID was visible for each task presented in the QA Task List. Currently, we need to drill into each task to uncover what control needs to be addressed. There are tasks related to something not related to a control (i.e. "Scope of the Assessment"), so obviously those would not display a control ID and would show as a empty field value.
1 vote -
Add "Implemented: Sampling" flag to controls in MyCSF where they are missing
Upon review of sample testing required for a v9.5 assessment, I noticed that quite a few controls have illustrative procedures that state "select a sample of . . .", however when you look in MyCSF the control requirement, they don't have the "Implemented: Sampling" flag. Is there a plan to ensure the flag is evident for all control requirements in MyCSF that require sample testing per IP?
2 votes -
Post Submission QA Tasks
It would be helpful to partially unlock the specific items/areas that QA has assigned tasks to post submission. Currently, we have to request help from the support team and it prolongs the process of QA unnecessarily.
1 vote -
Fine-Grain Assessment Object Reversion
I suggest implementing fine-grain assessment object reversion when subscriber changes (e.g., to requirement scores, NA statements, CAPs, and external inheritance requests) are needed post-submission. Under the current system, it seems that such changes require reversion of the entire object, which then calls for revalidating all requirements (rather than just the updated ones). Fine-grain reversion would support greater assessment efficiency, less rework, and less frustration for subscribers. Also, MyCSF would more accurately reflect workflow status, without resetting the status of previously completed phases/tasks.
1 vote -
Requirement Sorting Within MyCSF
domains, this sort order (whether ascending or descending) makes it easier to quickly find specific requirements. This is especially true when working between MyCSF and an assessment test plan (typically during scoring, commenting, and evidence mapping), because test plans tend to feature this sort order also.
1 vote -
Quarterly MyCSF Release Notes
I suggest that HITRUST publishes a quarterly release note digest to summarize changes for users. Under the Release Notes section of MyCSF Help, no new notes have been published since June 2021; yet, MyCSF has changed dramatically (especially regarding workflow and status management) since this time. The digests can be published under the Release Notes section, or (even better) emailed to registered MyCSF users.
1 vote -
change sort order of presets to align with assurance levels
change the left to right sort order of assessment presets to align with assurance provided....r2 should be left, i1 center, e1 right.
1 vote -
Fix Exports so that formatting, particularly numbering, are included in the export
In V11, when exporting controls the language removes all formatting and numbering, making it difficult to trace back actions to the sub-requirements. Given the importance of the list breakdown this should be included ASAP. If the formatting is a challenge due to Excel/CSV, the numbering should still be included.
1 vote -
Bulk export and archive of an object
At times our organization has reached our object capacity. We would like to export all of our entire object and reports, but it is currently a manually intensive process. For peace of mind, we want to export everything from a previous object, then archive or delete it. Current the process is manual with reports having to be downloaded one at a time. A bulk download and export feature would be so nice.
2 votes -
Evaluative Elements Report
Create a report that shows a list of the Evaluative Elements for each requirement statement similar to the Illustrative Procedures report - this will help both assessors and assessed entities with ensuring that they are meeting the EEs when working in offline testing workbooks without clicking into each requirement statement within MyCSF.
4 votes -
New Environment test
Azure test
1 vote -
Include dates when files are uploaded
It would be nice to see if we could have dates of when files are uploaded. It can be very confusing when evidence is similar and there is no reference date of when it got uploaded.
1 vote -
Map CSF to COSO Principles
Map CSF controls to COSO Principles in the HITRUST CSF Authoritative Sources Cross Reference
1 vote -
Have Salesforce publish an SRM
It appears that Salesforce does not have an SRM available. As a widely used product it may benefit many subscribers if they published an SRM for use.
1 vote -
HITRUST Assessment Markup Language
This would allow an assessed entity or assessor to highlight and mark test in documents and automatically create a link to the control requirement statement from which it was accessed and allow them to select the maturity domain that the highlighted text supports. This could also be granular enough to allow it to tie to requirement criteria as defined in illustrative procedures and listed in MyCSF.
1 vote -
collaboration
Very confusing whether multiple people can work in an assessment at one time or not. Sometimes save works, sometimes it doesn't and reverts to previous states. Make it clear how it works with clear UX like in google docs.
1 vote -
Include the HITRUST requirement ID in the Reports
Please re-configure the Reports under Analytics to ensure that Requirement ID is part of the data pull. We manage this work at a requirement level and currently, every report that we run we have to do a cross-reference to pull in the requirement ID.
13 votes -
Update "Change / Cancellation Policy" section on the Reservation tab
Can you update the "Change / Cancellation Policy" section on the Reservation tab to include the requirement that your submission date cannot be less than 2 weeks before the QA block selected. This requirement is not written out anywhere online but is enforced.
1 vote
- Don't see your idea?