307 results found
-
Customize User Profile
User ID profile picture
1 vote -
Display unsent External Inheritance Requests in Assessor view also
Can you add the External Inheritance status to the main page for the Assessor view also? The status is displayed on our client's view and it would be good to have the same status in the Assessor view so that we can track and ensure our clients indeed submitted the inheritance requests to the external entity.
6 votes -
michael.frederick@hitrustalliance.net
Allow for offline interim assessments with same features as full assessments.
1 vote -
michael.frederick@hitrustalliance.net
When an interim is generated it should also pull the documentation that was linked into the document library for the assessment and show the names of the documents within the expanded control requirement statement window. This will allow for all work to be done from within the interim versus having to hop between it and its associated full assessment. It would not link the documents, just pull them into the library and provide the listing. Links can be added once documents are updated for most current version.
4 votes -
Report for Illustrative Measurements
Figuring out how to demonstrate and measure proof of compliance was a steep learning curve. The illustrative measurements were extremely helpful, but I spent a lot of time having to dig for them and reformatting them to make them more readable and easier to search. Being able to sort the measurements by unique ID, CSF objective, and system/organizational would be a powerful feature.
3 votes -
Making primary contacts get notified for all assessments a company has
I am the primary contact for my company. The current model requires a client to select me for an assessment or I don't see the assessment. Because of staff turnover I may not have been assigned to a previous assessment. I need to be notified of all assessments my company has and should be a default for all notifications since I am the primary contact.
2 votes -
Sort Corrective Actions Plans By Completion Date
You should be able to sort CAPs by their Scheduled Completion Date.
3 votes -
SSO through OIDC or SAML
SSO through OIDC or SAML. For a framework that places a heavy emphasis on role-based access controls and centralized identity management it seems only fitting that HITRUST implemented either OIDC or SAML.
12 votes -
For assessments using the new webforms, MyCSF should validate email addresses for VRA and rep letter signatures
For assessments using the new webforms, MyCSF should validate email addresses for VRA and rep letter signatures and report back to the user if that email address bounces (e.g., due to a typo). This will let the user know that they shouldn't wait for a validated report agreement or rep letter signature that didn't ever actually make it to the intended recipient for signature.
2 votes -
How do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
ow do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
1 vote -
When viewing the linked documents for a particular Requirement Statement, each document should show the date that it was linked .
When viewing the linked documents for the Requirement Statements, each document should show the date that it was linked without having to go through the document repository especially in situations where we request for additional evidence from the assessor. From some assessments I have done so far, I noticed the assessors do not make reference to the newly linked documents so we have to go to the repository to check the date for all documents to see if any was added outside their testing period. This would really help to save time during QA review.
6 votes -
Please allow the CSF tool recognize the " ' " character in controls when searching.
When searching for controls the ' character is not read and therefore returns no results for controls with that character in the control language.
3 votes -
Copy mapping from evidence items to others.
When uploading evidence for controls often one piece of evidence is used for multiple controls or there are multiple evidence items supporting the same control stage (policy, procedure, implemented). The ability to copy the mapping from one item to another would be a huge time saver.
4 votes -
Combine HIPAA Compliance Pack Spreadsheets
Combine the spreadsheets in the HIPAA compliance pack into one spreadsheet.
2 votes -
Change Versions on Custom Assessment Library
custom assessment library
2 votes -
Reset button pop up help
Pop up help on dashboard "reset" button
1 vote -
import system facility
Auto import from excel system and facility information instead of having to double entry into MyCSF one by one manually.
3 votes -
Inheritance Expiration
Indicate when an inheritance is going to expire in less than XX days.
Be able to identify in MyCSF analytics which requirements are inherited (customer view) and if any are expiring in less than 180 days.3 votes -
Show % coverage of authoritative source when creating a targeted assessment
When creating a targeted assessment, MyCSF should show a percentage of the coverage of the authoritative source's requirements provided through the targeted assessment.
1 vote -
Publish changelog and alert when the CSF is changed, but version number not incremented
When changes are made to the CSF, but the version number is not bumped, a changelog should be published and assessors and subscribers should be alerted. Currently subscribers often create spreadsheets of requirements for internal use as they prepare for their next assessment.
Sometimes, for a variety of reasons, the assessment object may get refreshed or even deleted and recreated. If a change has occurred to the CSF that didn't bump the version number, the subscriber will end up with an assessment object that doesn't 100% align with their preparation efforts. This is usually not discovered until well into the…
5 votes
- Don't see your idea?