307 results found
-
User Guide - Make more apparent
Suggestion. It would be helpful if you put a link in the NEED HELP popup that indicates "Click here for User Guide"; And or as a tab at the top of every screen. Every time I have a problem, I try to figure out where the tab is. Because I am thinking of many things at once, I usually contract the Help Desk. Thank you, Anita Harris
3 votes -
Add an RSS feed for MyCSF notifications
Add an RSS feed for MyCSF notifications appearing in the "Your Notifications" section of MyCSF
3 votes -
Requirement statement text in "linked statements for" modal should be a hyperlink
In the modal accessible from the general documents page used to show the requirement statements that are linked to a particular document, the requirement statement text should be a hyperlink leading to that requirement statement. See pic.
3 votes -
Visualize reports before clicking on them
Whenever I'm working on getting controls exported, I always forget which report I like the best (I recently re-learned that it's the Assessment Report (Column)). It'd be great to have a picture next to each report type to more easily identify each report.
3 votes -
Average Domain by Maturity Rating Report
Enhance the Average Domain by Maturity Rating Report to also report on the Assessor's suggested maturity scores. The current Average Domain by Maturity Rating Report only reports the maturity scores entered by the subscriber. During an assessment project, there is not a method for the customer to generate a report that reflects the proposed maturity scores from the assessor. In order to prioritize their efforts, subscribers often need to understand whether a domain has obtained a passing score or not. Currently, they need to accept all the scores from the assessors or create a manual report outside of the MyCSF…
3 votes -
Comment fields for each control maturity level
When populating an assessment, MyCSF should offer comment fields for each control maturity level instead of just having one big comment field for the whole requirement. See attached pic.
3 votes -
Add reporting of user activity
Add reporting of user activity. Specifically provide reporting of returned requirements (user activity reporting) for an assessment. Providing the ability to specific a date range and see the user specific activities on each requirement (history).
3 votes -
Add 'Maturity Domains Deficient' column to CAP Report for subscribers and assessors
The CAP Report that Subscribers and Assessors can download should include a column to indicate which maturity domains (policy, process, or implemented) are deficient. This will help subscribers and assessors review CAPs to ensure that the corrective actions are addressing all deficient levels.
3 votes -
Real-Time CAP Report
Create a Report that can identify any mandatory Corrective Actions using the existing scores of the Statements in an Assessment
3 votes -
Field for HITRUST to explain why a submission was reverted
When HITRUST reverts an submitted assessment back to either an assessor or to the subscriber, MyCSF should have a field available for HITRUST to state why the assessment was reverted. This field should be required, and this field's contents should be made visible to the subscriber and assessor.
3 votes -
Introduce the notion of CHQP (Assessor firm internal QA) start and end times
There are times when the addition of assessor team quality review pushes past the 90-day window. We get backlogged the same way you do. We always adhere to the 90-day window for accepting and reviewing evidence, and we can demonstrate that reasonably. But it would be helpful if there was some flexibility around the submission date. If we plug in the real dates of assessment, and then submit 91 days after we started testing, the system errors due to >90.
Introducing the notion of the defined assessment window of 90 days, and the CHQP review period (stated dates) might help…
3 votes -
Add Multi-Select of Requirements for Delegating Responsibilities
There needs to be a half-way point between the requirement statement and domain level for delegating responsibilities. It would be nice to have the ability to select multiple requirement statements within a domain and then delegate those statements rather than completing each one individually.
3 votes -
Organizational info cleanup
The ability to edit and delete information for systems and facilities including the ability to removing them from "other" in order to keep organizational information clean.
3 votes -
Messaging Center within MyCSF
MyCSF should have a messaging center to allow individuals with access to an object (customers, assessors, HITRUST) to send and receive messages securely.
Message recipients would receive an email notification that would indicate: You have received a new message from <Entity> regarding <Assessment Object>. Please login to MyCSF and go to your message center to retrieve this message.
Additional Fields:
1. Object – allows selection of object based on those that you have access to.
2. Response Required – Checkbox used for SLA tracking purposes
3. CC – Multiselect restricted to those with access to selected object.
4. Attachment –…3 votes -
Users should be able to add documents to an assessment using email
Users should be able to add documents (e.g., screenshots, workpapers, validated report agreement, participation letter) by simply emailing a MyCSF email address, similar to what TripIt lets you do with travel itineraries. There should be a way to specify in the email body and/or subject which assessment, CSF requirement statement(s), and PRISMA levels that the document should be linked to.
3 votes -
Hyperlinks in CAPs page
In the "Corrective Action Plan" modal / pop-up accessible by pressing the "Edit" button for a single CAP listed in the "Corrective Action Plans" page: The "Linked Statements" area should contain hyperlinks. Specifically, the "Assessment", "Domain", and "Baseline Unique ID" columns should all be populated with hyperlinks.
3 votes -
user guide needs better instruction on submitting an object to HITRUST
The user guide needs better instruction on how to submit an object to HITRUST, like a click-by-click walk through.
3 votes -
Both assessor and customer must approve submission
I'd like to see the submission to HITRUST workflow be expanded to require that both the external assessor AND the customer approve the submission of the assessment object to HITRUST.
3 votes -
[BL] Document Version Control
Ability to version documents in the tool
3 votes -
[BL] Continuous Monitoring Module
Allow users to schedule requests for updates from delegated users of a Statement. A filtered view of their Statements would need to be extended to them with a clearly labeled due date.
3 votes
- Don't see your idea?