MyCSF

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. SSO through OIDC or SAML. For a framework that places a heavy emphasis on role-based access controls and centralized identity management it seems only fitting that HITRUST implemented either OIDC or SAML.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  2 comments  ·  Administration & Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Customer would like to include the CAP title, Domain, and Requirement statement ID associated with the CAP in the CAP report.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  1 comment  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Suggestion to add a document report which can show which document related to Policy, Procedure and evidence. Hence, we can filter out which file(s) was used for evidence and which file(s) were used for P&P.
    Thanks

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. An option to configure an assessment's documentation (workpapers, audit evidence) to reside in the client's cloud hosting provider instead of in MyCSF's default storage location, such as:
    - Client's box.com
    - Client's S3 bucket
    - Client's Google drive
    - Client's SharePoint

    This would require the client to grant the MyCSF application access into a specific area in their cloud environment. This would be very beneficial to customers who don't want to allow assessment documentation to leave their controlled environments.

    This would also require MyCSF to store assessment documentation in a folder structure that can be navigated with something like Windows…

    36 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  1 comment  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Users should have the ability to write custom reports, build custom charts, and save these for later usage. Something similar to Microsoft PowerBI or an equivalent product.

    27 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  2 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. I'd like to see the scoping factors that are optional / discretionary (namely the regulatory factors) clearly labeled as such, or even moved into their own page containing a disclaimer that they are optional. For the rest of the factors (which MUST be accurate), I'd like to see them clearly labeled as such or on their own page with a tagline describing that they must be accurately entered.

    33 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  0 comments  ·  Pre-Assessment & Scoping  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Create a Report that can identify any mandatory Corrective Actions using the existing scores of the Statements in an Assessment

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Would like a customer level report showing by requirement statement which requirements have had an inheritance request assigned the company/assessment of assignment and the date. Also would like to show acceptance/rejection by the external company.

    Please include the following fields:

    Unique ID/Requirement Statement/Control Specification/Date Requested/Approved (Y/N)/ Date Approved/Denied

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?