317 results found
-
[BL] Diary Tagging
Functionality for someone to either select recipients or use the "@" symbol to quick search for them like Outlook. Any individuals tagged would be notified of a Diary concerning them.
The capability should also be present at the general Assessment level without being associated with an Assessment Statement.
External people should be able to @ HITRUST users that have commented previously in the chain.
5 votes -
[BL] Redact Comments from Inheritance
Capability to mask the Client and Assessor comments from being shared in an applied Inheritance Request.
A potential capability that lets them add an inheritance comment to a Statement and that is shared instead
5 votes -
Offline for Interim
Can the offline assessment be made available in an interim assessment
4 votes -
HITRUST QA Tasks for External Assessor
It would be helpful to be able to export to excel HITRUST QA tasks with the Assessment Task pop-up details, including the full text of the latest HITRUST Comment and corresponding BUID for the control.
4 votes -
Add DNV to Mapping
Add DNV mapping.
4 votes -
Validated Report Agreement for CAPs
After the validated report agreement is signed by subscriber please allow for the green check mark to be generated. Subscriber should not have to wait for HITRUST to countersign the validated report agreement for a green checkmark to be generated. This delays the ability to generate caps.
4 votes -
Add checkblock for evaluative element completion
break out the evaluative elements with a checkblock for completion. Also, add the ability for evaluative elements to be assigned to different users.
4 votes -
Data Clean Up
remove acccess to previous subscriber's data if non renewal
4 votes -
michael.frederick@hitrustalliance.net
When an interim is generated it should also pull the documentation that was linked into the document library for the assessment and show the names of the documents within the expanded control requirement statement window. This will allow for all work to be done from within the interim versus having to hop between it and its associated full assessment. It would not link the documents, just pull them into the library and provide the listing. Links can be added once documents are updated for most current version.
4 votes -
Copy mapping from evidence items to others.
When uploading evidence for controls often one piece of evidence is used for multiple controls or there are multiple evidence items supporting the same control stage (policy, procedure, implemented). The ability to copy the mapping from one item to another would be a huge time saver.
4 votes -
When I click on the HITRUST CSF Draft Report Approved Button, it doesn't give any indication that it is doing anything.
Provide a popup saying Thank you, your approval has been generated, or something letting the customer know that it worked. We probably clicked on it a dozen times before I called support. Support told me that it "just work that way". Please add some kind of response.
4 votes -
Report to show the scoring breakdown of partially inherited requirement statements
Clients should be able to pull a report to show the scoring breakdown of partially inherited requirement statements. The client can better prioritize their remediation plans by knowing what their portion of the score was.
For example, a client may have partially inherited a score of 100% from a service provider with a weight of 75%. The client has not implemented this requirement in the portion of the environment that they are responsible for, so the remaining 25% of the score is 0%. Once the inheritance calculation occurs, the weighted average score that will appear in MyCSF and in their…
4 votes -
Electronic Signature for Auditors
For timesheets and QA Sheets - it would be best to have this done electronically. Especially since we are remote - it's easier to have Executive and QA use the same document and electronically sign/initial.
4 votes -
Rep Letter Upload Requirement
Remove edit check that requires client to upload a rep letter in order to submit a domain to the assessor. This is too early in the process to provide a rep letter - currently, clients must upload a fake / placeholder document as a workaround.
4 votes -
Custom API Endpoints
Allow a User to choose the Data points that they want returned in an API Call. MyCSF would then automatically develop an API path that returns the hand-picked dataset
4 votes -
Ability to visualize the linked documents with the requirement statement without needing to click on the linked documents button. The bu
Ability to visualize the linked documents with the requirement statement without needing to click on the linked documents button. The button to link the documents is an appropriate control for performing the linking function but if the user is able to view the list of linked documents content without another key click, it would expedite data entry QC.
4 votes -
Ability to upload, access, and edit assessment documentation using something other than the Web interface
MyCSF should support common file handling protocols to manage assessment documentation. This should operate similar to how Web applications such as media servers (Plex, Ombi) and online document repositories (livelink, sharepoint) work... these allow the upload and accessing of files using a alternate protocols such as SAMBA, SCP, and SFTP. Any file and folder changes made using supported protocols are reflected in the Web application front-ends. MyCSF should function in a similar fashion.
If this existed, users wouldn't have to upload each and every file using our Web front-end nor would they have to manually associate each artifact to the…
4 votes -
tool tips
Create "tool tips" pop up information showing features in MyCSF. Would be a lightbulb or similar icon highlighting when new functionality is added, and when all tips are viewed, goes to a sleep state. New functionality would cause the indicator to go back to a highlighted state. Should also be searchable like other process documents.
4 votes -
Data Localization
Ability for an Organization to select what locale (Americas, Europe, and Asia) to where their data is hosted.
4 votes -
Custom assessment's library builder needs to be easier to use
The custom assessment's library builder needs to be easier to select and de-select requirements in mass. For example, it needs "Select all visible requirements" and "De-select all visible requirements" buttons. Right now, if I want to include all requirements in in a particular authoritative source I have to click like 100 times.
4 votes
- Don't see your idea?