307 results found
-
Date of Submission should be when HT approves Assessment
Date of Submission should be when HT approves Assessment
9 votes -
Document replace functionality should also replace file's name (not just file contents)
The document replace functionality should also replace document's name (not just document's contents). Right now it appears to replace the document contents but leaves the old document name.
7 votes -
Help Context should be linked
Where we have help pages built (eg: Factors) you should be able to click on the factor and see the help information in a sidebar without having to leave the MyCSF page.
35 votes -
Give assessors an easy way to "reject" evidence linked to a requirement statement by the assessed entity
If a document was identified as associated with a requirement statement or requirement statement's PRISMA attribute(s), the assessor should be given an easy way to flag items as irrelevant to the PRISMA attribute and to the requirement statement. Its common for the customer to link files that may be related to other requirements but not necessarily to the requirement statement at hand.
16 votes -
Auto-associating uploaded evidence based on special strings in filenames
When a file is uploaded evidence into an assessment, MyCSF should be able recognize special strings filename to automatically link the file with control maturity levels and/or requirements.
Some examples:
• A document uploaded with a title of "New hire population [Imp].xlsx" would automatically be linked to the requirement's implemented level.
• A file titled "IT security policies [Pol, Pro].pdf" would automatically be linked to the policy and procedure levels.
• An uploaded document with a title of "Termination samples IMP 3334.0.xlsx" would automatically be linked to the implemented level of the requirement with the CVID of 3334.0.This could…
1 vote -
Custom assessment's library builder needs to be easier to use
The custom assessment's library builder needs to be easier to select and de-select requirements in mass. For example, it needs "Select all visible requirements" and "De-select all visible requirements" buttons. Right now, if I want to include all requirements in in a particular authoritative source I have to click like 100 times.
4 votes -
Creating a custom assessment is not intuitive
The process for creating a custom assessment is not intuitive. Namely, it's tough to figure out how to (1) create a custom library, (2) publish that library, and (3) select that library for an assessment. The only help page available is how to create the custom library but not to publish it or assess against it. The whole process needs (a) to be more intuitive in the tool, (b) more help documentation, and/or (c) both of these things.
4 votes -
Password reset for disabled accounts
If you try to reset a password on a disabled user account, the system doesn't tell you that the account is disabled and also doesn't send the password reset link. MyCSF should be updated to inform the user that the account is disabled and therefore password reset isn't possible.
2 votes -
Mouse cursor on the Corrective Action Plans page / list
The mouse cursor icon when mousing over rows of the 'Corrective Action Plans' page (where all of the CAPs are listed in a table) is confusing. It always displays as a hand when mousing over any part of the CAPs table, which makes me think I'm mousing over a link. However, the only links in the table are buttons in the far-right of the table. I think this is a bug. The fix is to correct the cursor icon when mousing over the non-linked areas of the table.
1 vote -
Custom Tagging for Requirement Statements
The ability for customers to create their own tags on the Requirement Statements and sort/filter based upon their custom tags.
8 votes -
Keep top menubar visible at all times (even after scrolling)
The top menubar containing the Home, Library, Analytics, etc. links should remain visible at all times (even after scrolling down a page).
5 votes -
Hyperlinks in CAPs page
In the "Corrective Action Plan" modal / pop-up accessible by pressing the "Edit" button for a single CAP listed in the "Corrective Action Plans" page: The "Linked Statements" area should contain hyperlinks. Specifically, the "Assessment", "Domain", and "Baseline Unique ID" columns should all be populated with hyperlinks.
3 votes -
Increase "Corrective Action" field in CAPs pop-up
In the "Corrective Action Plan" modal / pop-up accessible by pressing the "Edit" button for a single CAP listed in the "Corrective Action Plans" page: The "Corrective Action" field is way too small. It's only 3 lines tall, and it makes it very, very hard to read.
1 vote -
Show # of CAPs on CAPs page
The number of CAPs listed should be clearly displayed at the top of the "Corrective Action Plans" page.
8 votes -
user guide needs better instruction on submitting an object to HITRUST
The user guide needs better instruction on how to submit an object to HITRUST, like a click-by-click walk through.
3 votes -
Don't overwrite document metadata
When downloading workpapers / documents, MyCSF currently erases the file metadata. For example, when downloading a file the "date created" field gets overwritten to the date the file was downloaded from MyCSF. MyCSF should not mess with any document's metadata at all. I'd like to be able to see the original date created as well as all of the other original metadata associated with the file.
6 votes -
Remove the "Load More CAPS" button
In the CAP listing, the view doesn't display all CAPs by default. Instead, a "Load More CAPS" button needs be pressed. Please change this behavior so that the CAPs all load by default without the need to keep pressing this button.
4 votes -
Separate discretionary factors from mandatory factors
I'd like to see the scoping factors that are optional / discretionary (namely the regulatory factors) clearly labeled as such, or even moved into their own page containing a disclaimer that they are optional. For the rest of the factors (which MUST be accurate), I'd like to see them clearly labeled as such or on their own page with a tagline describing that they must be accurately entered.
33 votes -
Both assessor and customer must approve submission
I'd like to see the submission to HITRUST workflow be expanded to require that both the external assessor AND the customer approve the submission of the assessment object to HITRUST.
3 votes -
Make the "Expand All" button a toggle button
Make the "Expand All" button a toggle button. Currently the "Expand All" button can only be used to expand all of the requirements in the active domain. I'd like for it to change to "Collapse All" after it has been pressed, allowing the users to collapse all of the requirements in the domain.
5 votes
- Don't see your idea?