307 results found
-
Visualize reports before clicking on them
Whenever I'm working on getting controls exported, I always forget which report I like the best (I recently re-learned that it's the Assessment Report (Column)). It'd be great to have a picture next to each report type to more easily identify each report.
3 votes -
Ability to sort documents list
The general documents view should allow the user to sort the documents by date uploaded, by document title, and by document description.
19 votes -
Removing the lower level nested Requirement Statements from an assessment
When you have a level 3 Requirement statement, can the level 1 and level 2 requirement statement for that same control be removed from the assessment? This would remove redundancy, by not having to ask the business for evidence at each level because it would be inclusive in the level 3. This would also lower the number of overall baselines while still covering the control.
13 votes -
Custom Reporting
Users should have the ability to write custom reports, build custom charts, and save these for later usage. Something similar to Microsoft PowerBI or an equivalent product.
28 votes -
Add a submission check for failing scores (requires override)
There are a variety of quality checks imposed, some that require overrides from the assessor team to continue with submission. One of those should be 'scores are already too low to certify'.
Please add a little flag or warning note at the time of submission to simply say, "You're submitting an assessment for certification, but the scores are too low to certify. Proceed Y/N?"
Our particular case was due to errors in the inheritance process, but it could happen in other scenarios. Best to alert the assessor and confirm that they are not seeking certification.
7 votes -
Separate discretionary factors from mandatory factors
I'd like to see the scoping factors that are optional / discretionary (namely the regulatory factors) clearly labeled as such, or even moved into their own page containing a disclaimer that they are optional. For the rest of the factors (which MUST be accurate), I'd like to see them clearly labeled as such or on their own page with a tagline describing that they must be accurately entered.
33 votes -
Requirement statement text in "linked statements for" modal should be a hyperlink
In the modal accessible from the general documents page used to show the requirement statements that are linked to a particular document, the requirement statement text should be a hyperlink leading to that requirement statement. See pic.
3 votes -
Returned Requirements Reporting
User activity - would like the ability to pull reporting on assessments of returned requirements and if possible other related user activity.
1 vote -
Return single domain or control to correct inheritance
HITRUST should create a feature to allow inheritance by domain/control rather than the whole assessment being returned for a single control/domain inheritance request.
21 votes -
Offline Assessment for Interims & Bridges
MyCSF should allow a user to download and use the Offline Assessment for Interim and Bridge Assessment
5 votes -
Search all attached documents for keyword(s)
MyCSF should allow users to perform a keyword search throughout all attached documents. While this obviously wont search screenshots and non-OCR'd PDFs, the ability to do a mass search of all uploaded documents in one run would be valuable.
21 votes -
[BL] Update "Process" to "Procedure"
We have definitions for procedure and process in the glossary and they have separate meanings. Currently the tool shows the policy process implemented measure and manage instead of procedure.
27 votes -
Add 'Maturity Domains Deficient' column to CAP Report for subscribers and assessors
The CAP Report that Subscribers and Assessors can download should include a column to indicate which maturity domains (policy, process, or implemented) are deficient. This will help subscribers and assessors review CAPs to ensure that the corrective actions are addressing all deficient levels.
3 votes -
Column Option for Illustrative Procedures Report
Reporting
Please allow for a column option for the Illustrative Procedures Report. Much like the Assessment Report (Column).8 votes -
More Specific CAP Permissions (Create, Read, Update, Delete)
Currently, the "Can Manage CAPs?" checkbox allows a user to both Add and Delete CAPs. Allow for an Admin to specify if the user should be able to Create, Read, Update, and/or Delete CAPs.
13 votes -
Review sign off
Add a checkbox or field for external reviewers to sign off on requirement statement after they have reviewed them.
1 vote -
Average Domain by Maturity Rating Report
Enhance the Average Domain by Maturity Rating Report to also report on the Assessor's suggested maturity scores. The current Average Domain by Maturity Rating Report only reports the maturity scores entered by the subscriber. During an assessment project, there is not a method for the customer to generate a report that reflects the proposed maturity scores from the assessor. In order to prioritize their efforts, subscribers often need to understand whether a domain has obtained a passing score or not. Currently, they need to accept all the scores from the assessors or create a manual report outside of the MyCSF…
3 votes -
All fields that appear in the final report should be indicated as such with an icon on the page
Within an Assessment, the tool should clearly indicate/label inputs that are included in the HITRUST issued Report.
16 votes -
date format
with the increased usage of MyCSF by non-US based users all dates should be switched to Month DD, YYYY format from the MM/DD/YYYY format currently used to avoid confusion
1 vote -
Comment fields for each control maturity level
When populating an assessment, MyCSF should offer comment fields for each control maturity level instead of just having one big comment field for the whole requirement. See attached pic.
3 votes
- Don't see your idea?