307 results found
-
Add "Implemented: Sampling" flag to controls in MyCSF where they are missing
Upon review of sample testing required for a v9.5 assessment, I noticed that quite a few controls have illustrative procedures that state "select a sample of . . .", however when you look in MyCSF the control requirement, they don't have the "Implemented: Sampling" flag. Is there a plan to ensure the flag is evident for all control requirements in MyCSF that require sample testing per IP?
5 votes -
5 votes
-
Implement a "Preview" CAPs option
Implement a "Preview" CAPs option before a "Generate" CAPs once the assessment is complete to enhance the QA process, allowing for the client to vet the caps and make sure they are confirmed allowing for more completeness, accuracy and integrity to the overall process.
5 votes -
Bulk Deletion
This is especially relevant to cloned assessments in my experience, but it would be nice if MyCSF had a feature to bulk-delete uploaded documents in the "Documents" section.
5 votes -
Publish changelog and alert when the CSF is changed, but version number not incremented
When changes are made to the CSF, but the version number is not bumped, a changelog should be published and assessors and subscribers should be alerted. Currently subscribers often create spreadsheets of requirements for internal use as they prepare for their next assessment.
Sometimes, for a variety of reasons, the assessment object may get refreshed or even deleted and recreated. If a change has occurred to the CSF that didn't bump the version number, the subscriber will end up with an assessment object that doesn't 100% align with their preparation efforts. This is usually not discovered until well into the…
5 votes -
Control mapping to authoritative source in report
The assessment report should have an option to include the mapping to an authoritative source.
5 votes -
CAP Report Additional Information
Customer would like to include the CAP title, Domain, and Requirement statement ID associated with the CAP in the CAP report.
5 votes -
Function to allow External Assessors to agree/disagree with inheritance weights
For requirements involving inheritance, there should be a button where the external assessors can either agree with the selected inheritance weight or disagree and suggest a new inheritance weight, similar to what exists for the maturity level scores. Rejecting the weight would send the requirement back to the client.
5 votes -
Use different contrasting colors for the two options below, please. Response Status: External Assessor Review Complete Response Status: Ext
Use different contrasting colors for the two options below, please.
Response Status: External Assessor Review Complete
Response Status: External Assessor Review Pending5 votes -
Suggestive Factor Changes
MyCSF should have a mechanism to suggest scoping factor changes based upon a pattern of Not Applicables applied when responding to the Assessment
5 votes -
Offline Assessment for Interims & Bridges
MyCSF should allow a user to download and use the Offline Assessment for Interim and Bridge Assessment
5 votes -
Display Message within the tool informing clients of bugs/patches or issues to be proactive and better inform
When issues or bugs happen, it would be helpful to notify clients via notification or Red Flag Message in the tool to inform them. This would show the informed and proactive communication from HITRUST to the Clients to improve their experience within the MyCSF tool.
5 votes -
Save and Close on Document Modal
Please provide an option to both Save and Close the window when linking documents to a requirement statement. Right now, this takes 2 clicks. We have to save the document links before we can close... then we have to close to get back out to the requirement statement to complete our scoring. It's a lot of clicking already to link all the documents. Please take one click away. Thank you!
5 votes -
Draft report automatic removal
MyCSF will automatically delete the draft report files 7 days after the final reports are posted.
5 votes -
Keep top menubar visible at all times (even after scrolling)
The top menubar containing the Home, Library, Analytics, etc. links should remain visible at all times (even after scrolling down a page).
5 votes -
Make the "Expand All" button a toggle button
Make the "Expand All" button a toggle button. Currently the "Expand All" button can only be used to expand all of the requirements in the active domain. I'd like for it to change to "Collapse All" after it has been pressed, allowing the users to collapse all of the requirements in the domain.
5 votes -
[BL] Diary Tagging
Functionality for someone to either select recipients or use the "@" symbol to quick search for them like Outlook. Any individuals tagged would be notified of a Diary concerning them.
The capability should also be present at the general Assessment level without being associated with an Assessment Statement.
External people should be able to @ HITRUST users that have commented previously in the chain.
5 votes -
[BL] Redact Comments from Inheritance
Capability to mask the Client and Assessor comments from being shared in an applied Inheritance Request.
A potential capability that lets them add an inheritance comment to a Statement and that is shared instead
5 votes -
Business Associate Domain 19
Can there be an additional risk factor question for business associates that asks whether they have any responsibility for handling ePHI/PHI requests from end users/consumers (e.g. disclosures, restrictions in writing)?
Domain 19 has many requirements that are focused on covered entities, and if a BA can confirm they would never be involved in the handling of ePHI requests from end users/consumers I think it would remove several requirements that wind up being N/A and would provide clarity during QA.
4 votes -
Validated Report Agreement for CAPs
After the validated report agreement is signed by subscriber please allow for the green check mark to be generated. Subscriber should not have to wait for HITRUST to countersign the validated report agreement for a green checkmark to be generated. This delays the ability to generate caps.
4 votes
- Don't see your idea?