316 results found
-
Business Associate Domain 19
Can there be an additional risk factor question for business associates that asks whether they have any responsibility for handling ePHI/PHI requests from end users/consumers (e.g. disclosures, restrictions in writing)?
Domain 19 has many requirements that are focused on covered entities, and if a BA can confirm they would never be involved in the handling of ePHI requests from end users/consumers I think it would remove several requirements that wind up being N/A and would provide clarity during QA.
5 votes -
Marking a Control Automatically Complete Prematurely
The control should not be marked as completed until there is 1) N/A marked 2) 100% inheritance marked or 3) where the control is applicable (partially or in whole) AND inheritance is 0-75%, linked documents applied with subscriber comments.
Controls are being marked completed (automatically by the system) when Inheritance is applied, even if the inheritance is less that 100%. The subscriber still needs to add their control testing for their portion of the control. The control should be deemed incomplete until they have linked documents and subscriber comments. Otherwise the status wheel is an inaccurate representation of the status…
1 vote -
Add Illustrative Procedures to the Assessment Report (Column)
Add CVID & Illustrative Procedures to the Assessment Report (Column)
7 votes -
Email Notification Configuration Options
Ability to configure email communications from myCSF to tailor emails such as inheritance requests. More granular notifications and email subjects / recipients for the emails is desired.
1 vote -
Apply all button when uploading evidence
When uploading similar evidence to different controls you are presented with 3 options:
"replace this document", "Link to the existing document", & "skip this document"
It would be nice if there was an apply all option that you could click if you plan to link to existing documents for everything you are uploading as opposed to having to click that button 10+ times.
3 votes -
Authoritative sources -Standards and Frameworks
When will the authoritative sources be updated to the most current versions, i.e.: CMM 3.0 to 4.0x, ISO 27001- 2013 to 2022?
1 vote -
Not able to download Offline Assessment
I am not able to download Offline Assessment
I need this to save my assessment on a higher priority.
1 vote -
Assessment Object
Please consider not tying certified assessment to the assessment object. This way, customers can use MyCSF to house all the previous assessment reports in one location without needing to purchase additional assessment objects.
1 vote -
GAP Report
When generating a GAP report those controls that are associated with a CAP should be identified in the report as CAP required not just as a GAP.
10 votes -
Inheritance Color and Size of Dot
Please change the color for those controls that are being inherited to a darker color and a larger dot to make it easier to see.
1 vote -
Editing comments in QA tasks, and the ability to adjust QA tasks
Currently any QA task opened, when remarking, you cannot go in and edit/delete comments. I cannot tell you how many times my fat fingers have hit enter mid sentence/comment and then I had to finish the sentence comment with another entry. Please make comments where they can be edited/deleted. If needing to keep certain things as a matter of record, at least keep things editable, and then have a marker/recording that shows edited as a time stamp or something. Additionally, instead of a new QA task needing to be created because it lacked substance or the right tools, allow the…
1 vote -
DNV
DNV is used instead of Joint Commission at our facility. Could DNV be added and cross mapped like JC is? www.dnv.com
1 vote -
Add DNV to Mapping
Add DNV mapping.
4 votes -
Remove the headings for each domain on a combined AssessmentReportColumn report
Within the AssessmentReportColumn report (exported to excel), remove the headings for each domain when you set "Split Assessment Domains into Separate Sheets?" as no. Instead of having headings over each domain section, add the domain as another cell within each row. This will remove the need for manual formatting to be able to run formulas, etc.
1 vote -
New User Support Access Role
Create another access role - "User Support" that grants view all access with the ability to upload documentation and scoring (without delegation rights). Preferably with the option to track who updated scoring.
2 votes -
3 votes
-
Assessor Contacts
It would be faster, more efficient, if the Assessor Contacts can be input at the beginning (and if needed, ad hoc) and then a drop down of those contacts appear for each control instead of having to type them in over and over in each control.
1 vote -
Add Assessment Date
Please add a Date column to the assessment list.
7 votes -
RDS
The old RDS interface gave me a report, but the new one seems to have removed it which made me sad.
1 vote -
I got a generic email that something was assigned to me. How do I easily find that
I received a generic email that there was a notification. I logged in and saw that something was assigned to me with no detail. How do I find what was assigned to me with out reading the whole assessment?
1 vote
- Don't see your idea?