43 results found
-
GAP Report
When generating a GAP report those controls that are associated with a CAP should be identified in the report as CAP required not just as a GAP.
4 votes -
Evaluative Elements Report
Create a report that shows a list of the Evaluative Elements for each requirement statement similar to the Illustrative Procedures report - this will help both assessors and assessed entities with ensuring that they are meeting the EEs when working in offline testing workbooks without clicking into each requirement statement within MyCSF.
11 votes -
Include the HITRUST requirement ID in the Reports
Please re-configure the Reports under Analytics to ensure that Requirement ID is part of the data pull. We manage this work at a requirement level and currently, every report that we run we have to do a cross-reference to pull in the requirement ID.
21 votes -
Editing comments in QA tasks, and the ability to adjust QA tasks
Currently any QA task opened, when remarking, you cannot go in and edit/delete comments. I cannot tell you how many times my fat fingers have hit enter mid sentence/comment and then I had to finish the sentence comment with another entry. Please make comments where they can be edited/deleted. If needing to keep certain things as a matter of record, at least keep things editable, and then have a marker/recording that shows edited as a time stamp or something. Additionally, instead of a new QA task needing to be created because it lacked substance or the right tools, allow the…
1 vote -
Remove the headings for each domain on a combined AssessmentReportColumn report
Within the AssessmentReportColumn report (exported to excel), remove the headings for each domain when you set "Split Assessment Domains into Separate Sheets?" as no. Instead of having headings over each domain section, add the domain as another cell within each row. This will remove the need for manual formatting to be able to run formulas, etc.
1 vote -
1 vote
-
Add a HITRUST ID column to the HITRUST QA Task Listing in MyCSF (where applicable)
It would help assessors if the unique ID was visible for each task presented in the QA Task List. Currently, we need to drill into each task to uncover what control needs to be addressed. There are tasks related to something not related to a control (i.e. "Scope of the Assessment"), so obviously those would not display a control ID and would show as a empty field value.
1 vote -
Add field in Assessment Report to show if requirement statement has been inherited
Add field in Assessment Reports and Custom Dashboards to show if a requirement statement has been inherited.
5 votes -
2 votes
-
Required CAP Analytics Options
Currently there doesn't seem to be a single report that can be run that would filter all requirements needing a CAP AND the assessor comments. This may overlap with upcoming offline CAP worksheets, but currently is a manual process to create something incorporating all the information internal stakeholders want to see.
3 votes -
1 vote
-
Report for Illustrative Measurements
Figuring out how to demonstrate and measure proof of compliance was a steep learning curve. The illustrative measurements were extremely helpful, but I spent a lot of time having to dig for them and reformatting them to make them more readable and easier to search. Being able to sort the measurements by unique ID, CSF objective, and system/organizational would be a powerful feature.
3 votes -
Combine HIPAA Compliance Pack Spreadsheets
Combine the spreadsheets in the HIPAA compliance pack into one spreadsheet.
2 votes -
CAP Report Additional Information
Customer would like to include the CAP title, Domain, and Requirement statement ID associated with the CAP in the CAP report.
5 votes -
How do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
ow do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
1 vote -
Reset button pop up help
Pop up help on dashboard "reset" button
1 vote -
Inheritance Request Dynamic Dashboard
Adding a Dynamic Dashboard for Analysis purpose which can include options to create a dynamic / real time dashboard for Cloud Service Providers as well as Subscribers including but not limited to the following -
- Month wise Inheritance Requests received
- Subscriber wise IRs received
- Status Report (Created | Approved | Rejected | Cancelled ...etc.)
- Realtime Trend analysis to show increase / decrease in IRs.For Subscriber -
- Realtime status report for their requests (Approved , Rejected ...etc.)Also a feature of Automated notification to CSPs and Subscribers on a
weekly / Monthly / Yearly basis…3 votes -
Comprehensive Document report
Suggestion to add a document report which can show which document related to Policy, Procedure and evidence. Hence, we can filter out which file(s) was used for evidence and which file(s) were used for P&P.
Thanks2 votes -
Add an industry benchmark chart into the NIST CSF report
Something like the attached example
1 vote -
New option on compliance pack to contain just sections of the authoritative source within a specified range of average score s
In addition to having the option to include only certain parts of the authoritative source in a compliance pack, the option should also exist to have the compliance pack only include those sections of the authoritative source with an average score falling within a specified range (e.g., below 60, between 60-70, etc.). This will allow for the breaking out of the areas warranting remediation / further review.
1 vote
- Don't see your idea?