307 results found
-
michael.frederick@hitrustalliance.net
When an interim is generated it should also pull the documentation that was linked into the document library for the assessment and show the names of the documents within the expanded control requirement statement window. This will allow for all work to be done from within the interim versus having to hop between it and its associated full assessment. It would not link the documents, just pull them into the library and provide the listing. Links can be added once documents are updated for most current version.
4 votes -
Copy mapping from evidence items to others.
When uploading evidence for controls often one piece of evidence is used for multiple controls or there are multiple evidence items supporting the same control stage (policy, procedure, implemented). The ability to copy the mapping from one item to another would be a huge time saver.
4 votes -
When I click on the HITRUST CSF Draft Report Approved Button, it doesn't give any indication that it is doing anything.
Provide a popup saying Thank you, your approval has been generated, or something letting the customer know that it worked. We probably clicked on it a dozen times before I called support. Support told me that it "just work that way". Please add some kind of response.
4 votes -
Report to show the scoring breakdown of partially inherited requirement statements
Clients should be able to pull a report to show the scoring breakdown of partially inherited requirement statements. The client can better prioritize their remediation plans by knowing what their portion of the score was.
For example, a client may have partially inherited a score of 100% from a service provider with a weight of 75%. The client has not implemented this requirement in the portion of the environment that they are responsible for, so the remaining 25% of the score is 0%. Once the inheritance calculation occurs, the weighted average score that will appear in MyCSF and in their…
4 votes -
Electronic Signature for Auditors
For timesheets and QA Sheets - it would be best to have this done electronically. Especially since we are remote - it's easier to have Executive and QA use the same document and electronically sign/initial.
4 votes -
Rep Letter Upload Requirement
Remove edit check that requires client to upload a rep letter in order to submit a domain to the assessor. This is too early in the process to provide a rep letter - currently, clients must upload a fake / placeholder document as a workaround.
4 votes -
Custom API Endpoints
Allow a User to choose the Data points that they want returned in an API Call. MyCSF would then automatically develop an API path that returns the hand-picked dataset
4 votes -
Ability to visualize the linked documents with the requirement statement without needing to click on the linked documents button. The bu
Ability to visualize the linked documents with the requirement statement without needing to click on the linked documents button. The button to link the documents is an appropriate control for performing the linking function but if the user is able to view the list of linked documents content without another key click, it would expedite data entry QC.
4 votes -
Ability to upload, access, and edit assessment documentation using something other than the Web interface
MyCSF should support common file handling protocols to manage assessment documentation. This should operate similar to how Web applications such as media servers (Plex, Ombi) and online document repositories (livelink, sharepoint) work... these allow the upload and accessing of files using a alternate protocols such as SAMBA, SCP, and SFTP. Any file and folder changes made using supported protocols are reflected in the Web application front-ends. MyCSF should function in a similar fashion.
If this existed, users wouldn't have to upload each and every file using our Web front-end nor would they have to manually associate each artifact to the…
4 votes -
tool tips
Create "tool tips" pop up information showing features in MyCSF. Would be a lightbulb or similar icon highlighting when new functionality is added, and when all tips are viewed, goes to a sleep state. New functionality would cause the indicator to go back to a highlighted state. Should also be searchable like other process documents.
4 votes -
Data Localization
Ability for an Organization to select what locale (Americas, Europe, and Asia) to where their data is hosted.
4 votes -
Custom assessment's library builder needs to be easier to use
The custom assessment's library builder needs to be easier to select and de-select requirements in mass. For example, it needs "Select all visible requirements" and "De-select all visible requirements" buttons. Right now, if I want to include all requirements in in a particular authoritative source I have to click like 100 times.
4 votes -
Creating a custom assessment is not intuitive
The process for creating a custom assessment is not intuitive. Namely, it's tough to figure out how to (1) create a custom library, (2) publish that library, and (3) select that library for an assessment. The only help page available is how to create the custom library but not to publish it or assess against it. The whole process needs (a) to be more intuitive in the tool, (b) more help documentation, and/or (c) both of these things.
4 votes -
Remove the "Load More CAPS" button
In the CAP listing, the view doesn't display all CAPs by default. Instead, a "Load More CAPS" button needs be pressed. Please change this behavior so that the CAPs all load by default without the need to keep pressing this button.
4 votes -
[BL] Name and Security should include CSF Version expiration
There should be a date for a CSF version's expiration shown when on the Name and Security page.
4 votes -
[BL] Auto-Save Statements when Values change
Phase I: Saving at the requirement level is extremely tedious. Please look into automatically saving when you navigate to the next requirement in the domain. Otherwise users will have to click save on every single requirement independently.
configurable by users above assessment check box.
4 votes -
[BL] Inheritance Request Report
Would like a customer level report showing by requirement statement which requirements have had an inheritance request assigned the company/assessment of assignment and the date. Also would like to show acceptance/rejection by the external company.
Please include the following fields:Unique ID/Requirement Statement/Control Specification/Date Requested/Approved (Y/N)/ Date Approved/Denied
4 votes -
[BL] Status Link in HITRUST Reports
Include a URL on the Cover Letter of the Report to verify a Report's validity and certification status
4 votes -
Add DNV to Mapping
Add DNV mapping.
3 votes -
Interim assessments object creation
An organization should be able to generate an Interim assessment anytime after the Full valdiated assessment is finalized for internal management and prepareation.
3 votes
- Don't see your idea?