Build a Template Policy and Procedure Set for each MyCSF version. Everyone is wasting time and often misaligned when building policies, procedures, standards, guidelines, and plans to comply with HITRUST. I (and I'm sure others) would value HITRUST creating a compliant set of Policies and Procedures that we can implement with minor changes. Either build in a reference section to each document (that shows the MyCSF control it is addressing) or provide a master index, liked HITRUST and other frameworks. While the policy and procedure sets till needs to be audited and certified, it shifts the focus to certifying at the other maturity levels (implementation and above).