43 results found
-
Flag for zero-occurrence / 0-pop requirements
HITRUST's guidance allows zero-population requirements to be scored at fully compliant on the implemented level IF a well-defined policy and procedure exists for the assessed entity to observe should the related activity occur. However, MyCSF doesn't currently do a good job of allowing assessed entities and assessors to efficiently communicate this scenario. Because MyCSF requires that evidence be linked to a scored implemented PRISMA level, assessors are often forced to tag the policy or procedure documents to the implemented PRISMA level in this scenario. To remedy, MyCSF should offer a flag (e.g., a checkbox) which can be used to communicate…
10 votes -
[BL] Control Reference labeled on Statements
Can we add an enhancement to add the control reference to the requirement statements layout. Like the below. People have a hard time of telling what the requirements are related to without the name. Example is the constant confusion on 09.x and 09.y controls. They are all e-commerce and online transaction but some of them do not have either of those terms within the statement so people think it is just a standalone control.
09.x Electronic Commerce Services
!1579275197061-0.png!11 votes -
Date of Submission should be when HT approves Assessment
Date of Submission should be when HT approves Assessment
9 votes -
[BL] Edit/Delete Diary Entries
Feature allowing a user to edit or remove a diary entry
10 votes -
Draft report automatic removal
MyCSF will automatically delete the draft report files 7 days after the final reports are posted.
5 votes -
Provide assessors the ability to revert entire domains back to clients
Provide assessors the ability to revert entire domains back to clients- even if the feature was only available when the status of the domain is "assessor review pending". This would avoid needing to request HITRUST to revert domains if clients accidentally hit submit too early.
8 votes -
Add Multi-Select of Requirements for Delegating Responsibilities
There needs to be a half-way point between the requirement statement and domain level for delegating responsibilities. It would be nice to have the ability to select multiple requirement statements within a domain and then delegate those statements rather than completing each one individually.
3 votes -
Custom Tagging for Requirement Statements
The ability for customers to create their own tags on the Requirement Statements and sort/filter based upon their custom tags.
8 votes -
[BL] Diary Tagging
Functionality for someone to either select recipients or use the "@" symbol to quick search for them like Outlook. Any individuals tagged would be notified of a Diary concerning them.
The capability should also be present at the general Assessment level without being associated with an Assessment Statement.
External people should be able to @ HITRUST users that have commented previously in the chain.
5 votes -
Make the "Expand All" button a toggle button
Make the "Expand All" button a toggle button. Currently the "Expand All" button can only be used to expand all of the requirements in the active domain. I'd like for it to change to "Collapse All" after it has been pressed, allowing the users to collapse all of the requirements in the domain.
5 votes -
[BL] Auto-Save Statements when Values change
Phase I: Saving at the requirement level is extremely tedious. Please look into automatically saving when you navigate to the next requirement in the domain. Otherwise users will have to click save on every single requirement independently.
configurable by users above assessment check box.
4 votes -
Delegation Percentage indicator
delegation percentage graph
1 vote -
Show internal assessor scoring
show indication of who entered customer scoring- customer or internal assessor
1 vote -
Both assessor and customer must approve submission
I'd like to see the submission to HITRUST workflow be expanded to require that both the external assessor AND the customer approve the submission of the assessment object to HITRUST.
3 votes -
[BL] Continuous Monitoring Module
Allow users to schedule requests for updates from delegated users of a Statement. A filtered view of their Statements would need to be extended to them with a clearly labeled due date.
3 votes -
[BL] Due Dates for User Delegation
Allow a User to specify the due date of a Statement that has been assigned to an individual. Notifications centered around these Statements 7310 days from deadline.
3 votes -
Show # of Assigned Users, Inheritance Requests, and Diary Entries in Header
Like there is for the Linked Documents modal, the header of the modal for Assigned Users, Inheritance Requests, and Diary Entries should indicate the count of the respective items.
2 votes -
[BL] Delegate Maturities
Capability to delegate specific maturities of a Statement
2 votes -
[BL] Reminders to Assessors of open tasks
As part of the Kanban board MyCSF will display the number of times the tool has notified the external assessor that a QA task is pending with them over a time period (eg: 4 notifications sent over 8 weeks). This metric will be visible to HITRUST the customer and the external assessor. Also is predicated on the tool sending messages that a QA task has been assigned to the external assessor (NOT notifications).
2 votes -
[BL] Submitted Date in Sidebar
Update the submitted by attribute on the sidebar to also log the date it was submitted.
1 vote
- Don't see your idea?