307 results found
-
Control mapping to authoritative source in report
The assessment report should have an option to include the mapping to an authoritative source.
5 votes -
On Org Home page view, place an "Inheritance" badge icon next to assessment(s) published for External Inheritance
Similar to the Certification badge icon, create and place new "Inheritance" badge on Org Home page to quickly identify which of the assessment(s) listed have been published for External Inheritance with a hover-over pop-up dialogue box with either of the following content: "Enabled on [Effective Date]" or "Disabled on [Effective Date]".
8 votes -
Update Inheritance percentage selection box
Customers lose visibility of the percentage number displayed in the inheritance request box when changing the browser zoom. Update display characteristics to dynamically change text size so a number is always present regardless of zoom. Zoom from 75% up to 150 percent should be supported.
2 votes -
Document Upload Alert
Can the tool be updated to send alerts to assessors with access to the assessment when documents are uploaded?
8 votes -
KABAN View
Have the box turn green in each of the phases as they are completed. If something comes back and moves it to a lower phase make it red, the next phase should be highlighted in a new color.
2 votes -
Inheritance Approval Table enhancement
Field Update
- Please add "Response Date" column in the table to analyze our SLA matrix
- "Filter" : Please provide "Select All" checkbox so that by unchecking it we can select the required filter, right now, all fields and data items are marked in "Filter", it takes time to deselect every one of them.
- Show total count for "All" like you have count specified for other fields e.g. "Approved (3000), Rejected (40)...et.c2 votes -
Inheritance Request Dynamic Dashboard
Adding a Dynamic Dashboard for Analysis purpose which can include options to create a dynamic / real time dashboard for Cloud Service Providers as well as Subscribers including but not limited to the following -
- Month wise Inheritance Requests received
- Subscriber wise IRs received
- Status Report (Created | Approved | Rejected | Cancelled ...etc.)
- Realtime Trend analysis to show increase / decrease in IRs.For Subscriber -
- Realtime status report for their requests (Approved , Rejected ...etc.)Also a feature of Automated notification to CSPs and Subscribers on a
weekly / Monthly / Yearly basis…3 votes -
Add some way to identify when a control is required to be sampled.
Peer the test plan requirement, is there any way within MyCSF where the assessor can note this is SAMPLED requirement, so then the client does not submit evidence that cannot be used since the control request sampling?
19 votes -
Automatic Update upon CAP completion
Provide option to automatically update MyCSF score related to CAP (Policy/Procedure/Implementation) for all requirements related to CAP upon selection of "completed" stage.
3 votes -
Standardize role names
Update the role names under Names and Security. As assessors we are often assigned "Assessment Lead" rather than "Assessor". "Subscriber" is used elsewhere to identify those being assessed (e.g., Subscriber Comments). The identifiers should be consistent across the platform. Thanks.
3 votes -
Comprehensive Document report
Suggestion to add a document report which can show which document related to Policy, Procedure and evidence. Hence, we can filter out which file(s) was used for evidence and which file(s) were used for P&P.
Thanks2 votes -
Under "Assessment Options," consider rephrasing "Report Processing" in the first question. It is confusing.
Under "Assessment Options" consider rephrasing this question as follows - the "Report Processing" piece being capitalized makes it seem like a specific offering type, which is confusing.
- From: "Will this Assessment be submitted to HITRUST for Report Processing?"
- To: "Will this Assessment be submitted to HITRUST for certification?" or something similar.2 votes -
CAP Report Additional Information
Customer would like to include the CAP title, Domain, and Requirement statement ID associated with the CAP in the CAP report.
5 votes -
3 votes
-
Add Unique ID
It would be helpful if the unique id is added, next to the Control Gap Identifier, on the report.
8 votes -
1 vote
-
Automatically generate a generic CAP for requirements scored with a deficiency
Have an option to automatically generate a CAP entry for all requirements scored with a gap. CAP name would include (Auto "control name" )
1 vote -
Add an industry benchmark chart into the NIST CSF report
Something like the attached example
1 vote -
New option on compliance pack to contain just sections of the authoritative source within a specified range of average score s
In addition to having the option to include only certain parts of the authoritative source in a compliance pack, the option should also exist to have the compliance pack only include those sections of the authoritative source with an average score falling within a specified range (e.g., below 60, between 60-70, etc.). This will allow for the breaking out of the areas warranting remediation / further review.
1 vote -
Clearer Guidance for CAPs needed for HITRUST QA
When a client goes in and enters in their Corrective Action Plans, I think it would be helpful to have some supplementary guidance within the CAP form that describes what information HITRUST’s Assurance Team is going to expect during QA. As it stands now, there is very little context on what a client needs to provide in the ‘Corrective Action Plan’ box and it leads to some mixed results from the QA team. It would also be nice to understand the scored maturities within the CAP form rather than having to click out of the CAP box to see what…
3 votes
- Don't see your idea?