Skip to content

MyCSF

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

313 results found

  1. Integrate the Shared Responsibility Matrix (SRM) into the inheritance selection process. Currently, it is feasible for a subscriber to select inheritance for a requirement that is categorized as not inheritable in the SRM. Recently, a customer submitted inheritance, which was ultimately rejected. Upon further research, HITRUST support indicated that the requirement was not inheritable, as described in the SRM. A subscriber should not be able to select inheritance for those requirements defined as not inheritable.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Remove edit check that requires client to upload a rep letter in order to submit a domain to the assessor. This is too early in the process to provide a rep letter - currently, clients must upload a fake / placeholder document as a workaround.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. It would be great if there was an option to sort/filter requirements based on the Unique ID, not just the level or control.

    33 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. When a similar requirement statement is applicable for multiple regulatory factors, only have that requirement statement appear once in the scoped assessment, currently they can appear multiple times in an assessment.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. The No Active Subscribers error message should be more specific concerning the actual error. It currently displays when a user is not assigned to any assessments or when the subscriber account has expired. A more descriptive error message would prevent confusion and assist is resolving the actual issue earlier without client frustration.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Where we have help pages built (eg: Factors) you should be able to click on the factor and see the help information in a sidebar without having to leave the MyCSF page.

    36 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Help  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Whenever I'm working on getting controls exported, I always forget which report I like the best (I recently re-learned that it's the Assessment Report (Column)). It'd be great to have a picture next to each report type to more easily identify each report.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. The general documents view should allow the user to sort the documents by date uploaded, by document title, and by document description.

    19 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. When you have a level 3 Requirement statement, can the level 1 and level 2 requirement statement for that same control be removed from the assessment? This would remove redundancy, by not having to ask the business for evidence at each level because it would be inclusive in the level 3. This would also lower the number of overall baselines while still covering the control.

    13 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Users should have the ability to write custom reports, build custom charts, and save these for later usage. Something similar to Microsoft PowerBI or an equivalent product.

    28 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. There are a variety of quality checks imposed, some that require overrides from the assessor team to continue with submission. One of those should be 'scores are already too low to certify'.

    Please add a little flag or warning note at the time of submission to simply say, "You're submitting an assessment for certification, but the scores are too low to certify. Proceed Y/N?"

    Our particular case was due to errors in the inheritance process, but it could happen in other scenarios. Best to alert the assessor and confirm that they are not seeking certification.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. I'd like to see the scoping factors that are optional / discretionary (namely the regulatory factors) clearly labeled as such, or even moved into their own page containing a disclaimer that they are optional. For the rest of the factors (which MUST be accurate), I'd like to see them clearly labeled as such or on their own page with a tagline describing that they must be accurately entered.

    33 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. In the modal accessible from the general documents page used to show the requirement statements that are linked to a particular document, the requirement statement text should be a hyperlink leading to that requirement statement. See pic.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. User activity - would like the ability to pull reporting on assessments of returned requirements and if possible other related user activity.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. HITRUST should create a feature to allow inheritance by domain/control rather than the whole assessment being returned for a single control/domain inheritance request.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. MyCSF should allow a user to download and use the Offline Assessment for Interim and Bridge Assessment

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Other  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. MyCSF should allow users to perform a keyword search throughout all attached documents. While this obviously wont search screenshots and non-OCR'd PDFs, the ability to do a mass search of all uploaded documents in one run would be valuable.

    21 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. We have definitions for procedure and process in the glossary and they have separate meanings. Currently the tool shows the policy process implemented measure and manage instead of procedure.

    27 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  0 comments  ·  Other  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. The CAP Report that Subscribers and Assessors can download should include a column to indicate which maturity domains (policy, process, or implemented) are deficient. This will help subscribers and assessors review CAPs to ensure that the corrective actions are addressing all deficient levels.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Reporting
    Please allow for a column option for the Illustrative Procedures Report. Much like the Assessment Report (Column).

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
1 2 8 10 12 15 16
  • Don't see your idea?