340 results found
-
CAP Usability Issues
When using the Filter on CAPs there are some serious usability issues. First, the filter does not dynamically update so when you, for example, filter on Status of "Not Started" and then update said status you are returned to the list with the newly updated CAPs which now have a status of "Started - On Track" displayed in the list, so it requires the user to navigate down every time they enter a new status update for a different record.
Furthermore, the list is limited so you must click the "Load More" button. So after filtering you are presented with…6 votes -
CAP Management is far too time consuming
CAP management, especially when creating cloned objects to simply run hypothetical scenarios or to plan for a future, is far too inefficient.
There needs to be the ability to "select" via a check box all of the "links" to a CAP and delete them all at once.
There also needs to be the ability to do the same at the CAP level so that they can be deleted en masse.
It should not take anywhere from 10-80 (!!!) individual clicks and actions to simply delete a CAP.6 votesThis is an excellent idea, and it's actually already included in a CAP handling and reporting improvement initiative slated for roll-out a little later this year. I attached a screenshot of the mock-up. Thanks for the feedback and for your patience as we continue to improve the CAP functionality in MyCSF. If you're interested, we're happy to have a call to walk you through the rest of the CAP enhancements included in the initiative.
-
Additional feedback to Enumerate Illustrative Procedures...
Illustrative Procedures are presented in 'narrative' form. Given that the number of 'elements' in an Illustrative Procedure factors into the scoring formula, might not be optimum as ambiguous results can arise based on individual interpretation of the number of elements (not everyone is a champion sentence parser). Ergo, suggestions for revised Illustrative Procedures could be:
1) Bulletized elements with a numeric count provided; or
2) Embedded numbering (e.g. 01, _02, 03, etc.) to identify each salient element again with a numeric count.Additionally, dynamically providing enough blank fields (i.e. # of elements * 5 maturities) in client response areas…
6 votes -
Display unsent External Inheritance Requests in Assessor view also
Can you add the External Inheritance status to the main page for the Assessor view also? The status is displayed on our client's view and it would be good to have the same status in the Assessor view so that we can track and ensure our clients indeed submitted the inheritance requests to the external entity.
6 votes -
Function to allow External Assessors to agree/disagree with inheritance weights
For requirements involving inheritance, there should be a button where the external assessors can either agree with the selected inheritance weight or disagree and suggest a new inheritance weight, similar to what exists for the maturity level scores. Rejecting the weight would send the requirement back to the client.
6 votes -
Why is this a CAP
Within the UI when something is a CAP add a button that would show why something is a CAP. This would need to include the math behind the requirement and/or control reference.
6 votes -
Documents Repository and Linkage
One of the most time consuming tasks in performing assessments is the linkage of documentation. I think it would be helpful if our documentation repository creates a slot for each document. The slot is then mapped in a one to many relationship model to control requirements. The documents are then uploaded to the virtual slot. The big advantage is that documents in the slots can be automatically mapped to any assessment object and if the most recently reviewed version of a policy is uploaded to the slot to replace the old version, the new one automatically mapped as well. This…
6 votes -
QA and Support Work together
It would be helpful for Tasks to come back in a state that can be edited. Most of the time the QA sends something back that needs edited, and the Control is locked. When you attempt to get with support to help you fix it, it is a prolonged process with a lot of back and forths and delayed responses. QA and Support need to work together if the tasks are going to come back where Support needs to be engaged.
5 votes -
Business Associate Domain 19
Can there be an additional risk factor question for business associates that asks whether they have any responsibility for handling ePHI/PHI requests from end users/consumers (e.g. disclosures, restrictions in writing)?
Domain 19 has many requirements that are focused on covered entities, and if a BA can confirm they would never be involved in the handling of ePHI requests from end users/consumers I think it would remove several requirements that wind up being N/A and would provide clarity during QA.
5 votes -
Validated Report Agreement for CAPs
After the validated report agreement is signed by subscriber please allow for the green check mark to be generated. Subscriber should not have to wait for HITRUST to countersign the validated report agreement for a green checkmark to be generated. This delays the ability to generate caps.
5 votes -
Add "Implemented: Sampling" flag to controls in MyCSF where they are missing
Upon review of sample testing required for a v9.5 assessment, I noticed that quite a few controls have illustrative procedures that state "select a sample of . . .", however when you look in MyCSF the control requirement, they don't have the "Implemented: Sampling" flag. Is there a plan to ensure the flag is evident for all control requirements in MyCSF that require sample testing per IP?
5 votes -
5 votes
-
Implement a "Preview" CAPs option
Implement a "Preview" CAPs option before a "Generate" CAPs once the assessment is complete to enhance the QA process, allowing for the client to vet the caps and make sure they are confirmed allowing for more completeness, accuracy and integrity to the overall process.
5 votes -
Bulk Deletion
This is especially relevant to cloned assessments in my experience, but it would be nice if MyCSF had a feature to bulk-delete uploaded documents in the "Documents" section.
5 votes -
Publish changelog and alert when the CSF is changed, but version number not incremented
When changes are made to the CSF, but the version number is not bumped, a changelog should be published and assessors and subscribers should be alerted. Currently subscribers often create spreadsheets of requirements for internal use as they prepare for their next assessment.
Sometimes, for a variety of reasons, the assessment object may get refreshed or even deleted and recreated. If a change has occurred to the CSF that didn't bump the version number, the subscriber will end up with an assessment object that doesn't 100% align with their preparation efforts. This is usually not discovered until well into the…
5 votes -
Control mapping to authoritative source in report
The assessment report should have an option to include the mapping to an authoritative source.
5 votes -
CAP Report Additional Information
Customer would like to include the CAP title, Domain, and Requirement statement ID associated with the CAP in the CAP report.
5 votes -
Use different contrasting colors for the two options below, please. Response Status: External Assessor Review Complete Response Status: Ext
Use different contrasting colors for the two options below, please.
Response Status: External Assessor Review Complete
Response Status: External Assessor Review Pending5 votes -
Suggestive Factor Changes
MyCSF should have a mechanism to suggest scoping factor changes based upon a pattern of Not Applicables applied when responding to the Assessment
5 votes -
Offline Assessment for Interims & Bridges
MyCSF should allow a user to download and use the Offline Assessment for Interim and Bridge Assessment
5 votes
- Don't see your idea?