333 results found
-
Add reporting of user activity
Add reporting of user activity. Specifically provide reporting of returned requirements (user activity reporting) for an assessment. Providing the ability to specific a date range and see the user specific activities on each requirement (history).
3 votes -
Add 'Maturity Domains Deficient' column to CAP Report for subscribers and assessors
The CAP Report that Subscribers and Assessors can download should include a column to indicate which maturity domains (policy, process, or implemented) are deficient. This will help subscribers and assessors review CAPs to ensure that the corrective actions are addressing all deficient levels.
3 votes -
Real-Time CAP Report
Create a Report that can identify any mandatory Corrective Actions using the existing scores of the Statements in an Assessment
3 votes -
Field for HITRUST to explain why a submission was reverted
When HITRUST reverts an submitted assessment back to either an assessor or to the subscriber, MyCSF should have a field available for HITRUST to state why the assessment was reverted. This field should be required, and this field's contents should be made visible to the subscriber and assessor.
3 votes -
Introduce the notion of CHQP (Assessor firm internal QA) start and end times
There are times when the addition of assessor team quality review pushes past the 90-day window. We get backlogged the same way you do. We always adhere to the 90-day window for accepting and reviewing evidence, and we can demonstrate that reasonably. But it would be helpful if there was some flexibility around the submission date. If we plug in the real dates of assessment, and then submit 91 days after we started testing, the system errors due to >90.
Introducing the notion of the defined assessment window of 90 days, and the CHQP review period (stated dates) might help…
3 votes -
Add Multi-Select of Requirements for Delegating Responsibilities
There needs to be a half-way point between the requirement statement and domain level for delegating responsibilities. It would be nice to have the ability to select multiple requirement statements within a domain and then delegate those statements rather than completing each one individually.
3 votes -
Organizational info cleanup
The ability to edit and delete information for systems and facilities including the ability to removing them from "other" in order to keep organizational information clean.
3 votes -
Messaging Center within MyCSF
MyCSF should have a messaging center to allow individuals with access to an object (customers, assessors, HITRUST) to send and receive messages securely.
Message recipients would receive an email notification that would indicate: You have received a new message from <Entity> regarding <Assessment Object>. Please login to MyCSF and go to your message center to retrieve this message.
Additional Fields:
1. Object – allows selection of object based on those that you have access to.
2. Response Required – Checkbox used for SLA tracking purposes
3. CC – Multiselect restricted to those with access to selected object.
4. Attachment –…3 votes -
Users should be able to add documents to an assessment using email
Users should be able to add documents (e.g., screenshots, workpapers, validated report agreement, participation letter) by simply emailing a MyCSF email address, similar to what TripIt lets you do with travel itineraries. There should be a way to specify in the email body and/or subject which assessment, CSF requirement statement(s), and PRISMA levels that the document should be linked to.
3 votes -
Hyperlinks in CAPs page
In the "Corrective Action Plan" modal / pop-up accessible by pressing the "Edit" button for a single CAP listed in the "Corrective Action Plans" page: The "Linked Statements" area should contain hyperlinks. Specifically, the "Assessment", "Domain", and "Baseline Unique ID" columns should all be populated with hyperlinks.
3 votes -
user guide needs better instruction on submitting an object to HITRUST
The user guide needs better instruction on how to submit an object to HITRUST, like a click-by-click walk through.
3 votes -
Both assessor and customer must approve submission
I'd like to see the submission to HITRUST workflow be expanded to require that both the external assessor AND the customer approve the submission of the assessment object to HITRUST.
3 votes -
[BL] Document Version Control
Ability to version documents in the tool
3 votes -
[BL] Continuous Monitoring Module
Allow users to schedule requests for updates from delegated users of a Statement. A filtered view of their Statements would need to be extended to them with a clearly labeled due date.
3 votes -
[BL] Due Dates for User Delegation
Allow a User to specify the due date of a Statement that has been assigned to an individual. Notifications centered around these Statements 7310 days from deadline.
3 votes -
Adding NHS and NIS 2 - EU and UK Requirements to CSF
Adding NHS and NIS 2 - EU and UK Requirements to CSF
2 votes -
formatting text in comment boxes
you should have formatting in the comment section text boxes. so it looks good when the assessment is printed.
2 votes -
Revision
Submitting revisions to the draft report was very difficult. I had 3 revisions. The first one was duplicated 3 times instead of saving three separate ones. The second when posted refused to accept the correct section of the report that I had entered; it changed it to a different section of its own accord. I tried it twice, and it did it every time. So instead of 3 revisions, I now have 6, 3 of which are either duplicate or incorrect because of MyCSF. I have no way to delete the incorrect revisions once added. The interface needs to be…
2 votes -
Save and Submit at the control level vs. domain level
Often we send back a control to a client for them to add evidence. When they are done, the status turns to Response Complete but we cannot edit that control until they send the entire domain back. Is it possible to have a button next to the SAVE (see below) for the client to SAVE & SUBMIT and just submit that control back to us instead of the entire domain?
I think it might be more efficient for our clients to be able to submit the control back right in the control screen vs. having to go back to the…
2 votes -
Allow us to download v.9.6
We see 9.6 in the dropdown box but I cannot select it.
2 votes
- Don't see your idea?