-
date format
with the increased usage of MyCSF by non-US based users all dates should be switched to Month DD, YYYY format from the MM/DD/YYYY format currently used to avoid confusion
1 vote -
Make Shared Responsibility Matrix Spreadsheets Editable
Please allow users to edit the Shared Responsibility Matrix spreadsheets.
The value of this content comes from organizations utilizing it to manage their HITRUST programs.
We need to be able to filter, sort, remove rows, add columns to document our environment and current state, etc.
With the content locked down I currently need to cut your content from the SRM spreadsheet, then paste it to a new spreadsheet, and then re-format every column again.
I understand your spreadsheet states that it must be used and distributed in your format but that is impossible when you lock it down.1 vote -
Issues with AWS and MS Azure Shared Responsibility Matrix Spreadsheets
When the just released SRM spreadsheets are downloaded so we can use it as a working document there are problems.
When columns are filtered the data in Columns A-L all disappears and is replaced with "Name?"
Please fix these spreadsheets so that I can eliminate the out of scope controls and then focus further on "Inheritable" controls through the use of filters while keeping all of the original content.1 vote -
In the MyCSF evidence "folder" list view, it'd be very handy to sort by upload date.
In the MyCSF evidence "folder" list view, it'd be very handy to sort by upload date.
2 votes -
Function to allow External Assessors to agree/disagree with inheritance weights
For requirements involving inheritance, there should be a button where the external assessors can either agree with the selected inheritance weight or disagree and suggest a new inheritance weight, similar to what exists for the maturity level scores. Rejecting the weight would send the requirement back to the client.
2 votes -
External Inheritance
For External Inheritance
I suggest someone at HITRUST look into changing the External Inheritance workflow. The current process is extremely cumbersome. When a control is identified the entire assessment has to be flipped back to the entity being assessed. Why not make this process unique & independent? Make each control able to be sent for External Inheritance separately.
Currently we are in the QA process & our external assessor is reaching out to us due to HITRUST stating a single control needs to be assigned for External Inheritance. Only problem is it looks as though the entire assessment will have…
5 votes -
Show QA queue status or wait time
Similar to waiting for DMV or to see a doctor, continually show assessment status. For example, state there are 30 assessments ahead of our submission, and update as our submission moves up the queue. Or show submitted assessment has an estimated 8 weeks to be viewed by QA assessor and adjust as the assessment gets closer to being viewed. It would be helpful to know this.
4 votes -
Use different contrasting colors for the two options below, please. Response Status: External Assessor Review Complete Response Status: Ext
Use different contrasting colors for the two options below, please.
Response Status: External Assessor Review Complete
Response Status: External Assessor Review Pending4 votes -
Suggestive Factor Changes
MyCSF should have a mechanism to suggest scoping factor changes based upon a pattern of Not Applicables applied when responding to the Assessment
4 votes -
Why is this a CAP
Within the UI when something is a CAP add a button that would show why something is a CAP. This would need to include the math behind the requirement and/or control reference.
3 votes -
Assessment-wide search capability
A search bar present in the "Assessment" page which searches the entire assessment for the given search term. The only search capability currently present are in the documents repository, and it only searches the document descriptions and document names. This new assessment-wide search should consider:
- customer comments
- assessor comments
- requirement IDs
- requirement statements
- document names
- document descriptions
- CAP responses
- diary entries
- scoping factor responses
- (pretty much everything entered in an assessment)3 votes -
Requirement statement text in "linked statements for" modal should be a hyperlink
In the modal accessible from the general documents page used to show the requirement statements that are linked to a particular document, the requirement statement text should be a hyperlink leading to that requirement statement. See pic.
3 votes -
I need to add a new assessor user to our assessment
I can see a number of users affiliated with our assessor company.
However, I can't add a new assessor staff member to the list of users. Note: This is a new staff member at the assessor company.
It would be wonderful if there were a tool that would let me add new assessor staff to our assessment. How can I do that?
1 vote -
3 votes
-
spell check for comments section in self-assessment
It would be helpful to have spell checking for the comments section, similar to how it is already implemented for this ideas submission field. If there already is spell checking, then it is not working in my Firefox browser.
2 votes -
Visualize reports before clicking on them
Whenever I'm working on getting controls exported, I always forget which report I like the best (I recently re-learned that it's the Assessment Report (Column)). It'd be great to have a picture next to each report type to more easily identify each report.
3 votes -
2 votes
-
Rep Letter Upload Requirement
Remove edit check that requires client to upload a rep letter in order to submit a domain to the assessor. This is too early in the process to provide a rep letter - currently, clients must upload a fake / placeholder document as a workaround.
2 votes -
Documents Repository and Linkage
One of the most time consuming tasks in performing assessments is the linkage of documentation. I think it would be helpful if our documentation repository creates a slot for each document. The slot is then mapped in a one to many relationship model to control requirements. The documents are then uploaded to the virtual slot. The big advantage is that documents in the slots can be automatically mapped to any assessment object and if the most recently reviewed version of a policy is uploaded to the slot to replace the old version, the new one automatically mapped as well. This…
2 votes -
Offline template for CAPs
Template would allow subscribers to populate CAP data in excel and upload to MyCSF
9 votes
- Don't see your idea?