Skip to content
← MyCSF

How can we improve MyCSF?

MyCSF: Corrective Action Plans (CAPs)

Categories

JUMP TO ANOTHER FORUM

(thinking…)

More Specific CAP Permissions (Create, Read, Update, Delete)

Currently, the "Can Manage CAPs?" checkbox allows a user to both Add and Delete CAPs. Allow for an Admin to specify if the user should be able to Create, Read, Update, and/or Delete CAPs.

13 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

AdminJames Nutkis (HITRUST - Sr Director, Product Management, HITRUST) shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • AdminDennis Palmer (Director- Customer Experience, HITRUST) commented  ·   ·  Report

    Provide the ability to restrict visibility of CAPs by assessment ownership.
    Subscriber should be able to assign read/write/edit permissions to each CAP.
    CAP visibility would be restricted so that standard users would not see CAPs generated against assessments they are not assigned to.
    Add a "organizational" and "assessment only" CAP identifier.

  • Lat Kennedy commented  ·   ·  Report

    Enhanced access rights allows for reduced unauthorized changes to the data. Data is more secure and represents the true state of the information.

  • Brian Scheuber commented  ·   ·  Report

    Custom and/or itemized permission capabilities for a topic such as CAPs is very important. Minimum necessary permissions should be set to avoid unauthorized disclosures as well as prevent any unauthorized modifications. So yes I am in favor of this modification to grant Admins greater flexibility with permissions.