When a client goes in and enters in their Corrective Action Plans, I think it would be helpful to have some supplementary guidance within the CAP form that describes what information HITRUST’s Assurance Team is going to expect during QA. As it stands now, there is very little context on what a client needs to provide in the ‘Corrective Action Plan’ box and it leads to some mixed results from the QA team. It would also be nice to understand the scored maturities within the CAP form rather than having to click out of the CAP box to see what the maturities are scored at.