307 results found
-
Add checkblock for evaluative element completion
break out the evaluative elements with a checkblock for completion. Also, add the ability for evaluative elements to be assigned to different users.
3 votes -
Ability of assigned assessor to bulk download customer or assessor documents
Please return the bulk download functionality. This is very useful at multiple stages of an assessment, especially for text searching and opening multiple documents at once on multiple monitors. -
- update permissions set for assessors assigned to a subscriber's validated assessment object to do bulk download of the mapped documentation whether loaded by customer or assessor.3 votes -
Bulk export and archive of an object
At times our organization has reached our object capacity. We would like to export all of our entire object and reports, but it is currently a manually intensive process. For peace of mind, we want to export everything from a previous object, then archive or delete it. Current the process is manual with reports having to be downloaded one at a time. A bulk download and export feature would be so nice.
3 votes -
Data Clean Up
remove acccess to previous subscriber's data if non renewal
3 votes -
Required CAP Analytics Options
Currently there doesn't seem to be a single report that can be run that would filter all requirements needing a CAP AND the assessor comments. This may overlap with upcoming offline CAP worksheets, but currently is a manual process to create something incorporating all the information internal stakeholders want to see.
3 votes -
Group assessments
Group assessments by year
3 votes -
Report for Illustrative Measurements
Figuring out how to demonstrate and measure proof of compliance was a steep learning curve. The illustrative measurements were extremely helpful, but I spent a lot of time having to dig for them and reformatting them to make them more readable and easier to search. Being able to sort the measurements by unique ID, CSF objective, and system/organizational would be a powerful feature.
3 votes -
Sort Corrective Actions Plans By Completion Date
You should be able to sort CAPs by their Scheduled Completion Date.
3 votes -
Please allow the CSF tool recognize the " ' " character in controls when searching.
When searching for controls the ' character is not read and therefore returns no results for controls with that character in the control language.
3 votes -
import system facility
Auto import from excel system and facility information instead of having to double entry into MyCSF one by one manually.
3 votes -
Inheritance Expiration
Indicate when an inheritance is going to expire in less than XX days.
Be able to identify in MyCSF analytics which requirements are inherited (customer view) and if any are expiring in less than 180 days.3 votes -
Inheritance Request Dynamic Dashboard
Adding a Dynamic Dashboard for Analysis purpose which can include options to create a dynamic / real time dashboard for Cloud Service Providers as well as Subscribers including but not limited to the following -
- Month wise Inheritance Requests received
- Subscriber wise IRs received
- Status Report (Created | Approved | Rejected | Cancelled ...etc.)
- Realtime Trend analysis to show increase / decrease in IRs.For Subscriber -
- Realtime status report for their requests (Approved , Rejected ...etc.)Also a feature of Automated notification to CSPs and Subscribers on a
weekly / Monthly / Yearly basis…3 votes -
Automatic Update upon CAP completion
Provide option to automatically update MyCSF score related to CAP (Policy/Procedure/Implementation) for all requirements related to CAP upon selection of "completed" stage.
3 votes -
Standardize role names
Update the role names under Names and Security. As assessors we are often assigned "Assessment Lead" rather than "Assessor". "Subscriber" is used elsewhere to identify those being assessed (e.g., Subscriber Comments). The identifiers should be consistent across the platform. Thanks.
3 votes -
3 votes
-
Clearer Guidance for CAPs needed for HITRUST QA
When a client goes in and enters in their Corrective Action Plans, I think it would be helpful to have some supplementary guidance within the CAP form that describes what information HITRUST’s Assurance Team is going to expect during QA. As it stands now, there is very little context on what a client needs to provide in the ‘Corrective Action Plan’ box and it leads to some mixed results from the QA team. It would also be nice to understand the scored maturities within the CAP form rather than having to click out of the CAP box to see what…
3 votes -
Add outstanding inheritance requests to the kanban status pop-ups
In the kanban view, the little (i) icons can be moused over to see how many outstanding items exist for the assessed entity, the assessor, or HITRUST. It would be helpful if there was a 4th task "owner" listed to reflect how many outstanding inheritance requests exist which are preventing the assessment from leaving the phase / state. Right now these are all showing up under the assessed entity, but in reality the assessed entity could be waiting for one of their service providers to approve their inheritance requests.
3 votes -
Nist certifications
Flag the assessment as insufficient for a NIST certification prior to being submitted to HITRUST so that the entity and assessor can verify the scores for those requirement statements. Also a list of requirement statements that apply to a NIST certification would be helpful.
3 votes -
allow documents to be tagged as third party assurance reports in interims, bridges, and readiness assessments
Allow documents to be tagged as third party assurance reports in interims, bridges, and readiness assessments. Currently they can only be tagged as such in validated assessments.
3 votes -
Revise CSF controls to be in line with working from home practices.
Current CSF controls do not take into account new remote working due to pandemic. The current CSF controls are not accurately reflecting current working environment and controls.
3 votes
- Don't see your idea?