Skip to content

MyCSF

MyCSF

Categories

JUMP TO ANOTHER FORUM

(thinking…)

How can we improve MyCSF?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

315 results found

  1. Add 'Maturity Domains Deficient' column to CAP Report for subscribers and assessors

    The CAP Report that Subscribers and Assessors can download should include a column to indicate which maturity domains (policy, process, or implemented) are deficient. This will help subscribers and assessors review CAPs to ensure that the corrective actions are addressing all deficient levels.

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Analytics & Reporting  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  2. Column Option for Illustrative Procedures Report

    Reporting
    Please allow for a column option for the Illustrative Procedures Report. Much like the Assessment Report (Column).

    8 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Analytics & Reporting  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  3. More Specific CAP Permissions (Create, Read, Update, Delete)

    Currently, the "Can Manage CAPs?" checkbox allows a user to both Add and Delete CAPs. Allow for an Admin to specify if the user should be able to Create, Read, Update, and/or Delete CAPs.

    13 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    Planned  ·  4 comments  ·  Corrective Action Plans (CAPs)  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  4. Review sign off

    Add a checkbox or field for external reviewers to sign off on requirement statement after they have reviewed them.

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Performing & Submitting Assessments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  5. Average Domain by Maturity Rating Report

    Enhance the Average Domain by Maturity Rating Report to also report on the Assessor's suggested maturity scores. The current Average Domain by Maturity Rating Report only reports the maturity scores entered by the subscriber. During an assessment project, there is not a method for the customer to generate a report that reflects the proposed maturity scores from the assessor. In order to prioritize their efforts, subscribers often need to understand whether a domain has obtained a passing score or not. Currently, they need to accept all the scores from the assessors or create a manual report outside of the MyCSF…

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Analytics & Reporting  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  6. All fields that appear in the final report should be indicated as such with an icon on the page

    Within an Assessment, the tool should clearly indicate/label inputs that are included in the HITRUST issued Report.

    16 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    Proposed  ·  2 comments  ·  Performing & Submitting Assessments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  7. date format

    with the increased usage of MyCSF by non-US based users all dates should be switched to Month DD, YYYY format from the MM/DD/YYYY format currently used to avoid confusion

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  General Usability  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  8. Comment fields for each control maturity level

    When populating an assessment, MyCSF should offer comment fields for each control maturity level instead of just having one big comment field for the whole requirement. See attached pic.

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  General Usability  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  9. Add reporting of user activity

    Add reporting of user activity. Specifically provide reporting of returned requirements (user activity reporting) for an assessment. Providing the ability to specific a date range and see the user specific activities on each requirement (history).

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Analytics & Reporting  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  10. Assign CAP to User

    Allow a CAP be assignable to a User in an Organization. This wouldn't permit them to add new CAPs or link to Statements, but would allow them to modify the fields of CAPs they're assigned.

    9 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Corrective Action Plans (CAPs)  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  11. Real-Time CAP Report

    Create a Report that can identify any mandatory Corrective Actions using the existing scores of the Statements in an Assessment

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    Under Specification  ·  0 comments  ·  Analytics & Reporting  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  12. Field for HITRUST to explain why a submission was reverted

    When HITRUST reverts an submitted assessment back to either an assessor or to the subscriber, MyCSF should have a field available for HITRUST to state why the assessment was reverted. This field should be required, and this field's contents should be made visible to the subscriber and assessor.

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  General Usability  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  13. Give assessors an easy way to "reject" evidence linked to a requirement statement by the assessed entity

    If a document was identified as associated with a requirement statement or requirement statement's PRISMA attribute(s), the assessor should be given an easy way to flag items as irrelevant to the PRISMA attribute and to the requirement statement. Its common for the customer to link files that may be related to other requirements but not necessarily to the requirement statement at hand.

    16 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Documents & Evidence  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  14. Introduce the notion of CHQP (Assessor firm internal QA) start and end times

    There are times when the addition of assessor team quality review pushes past the 90-day window. We get backlogged the same way you do. We always adhere to the 90-day window for accepting and reviewing evidence, and we can demonstrate that reasonably. But it would be helpful if there was some flexibility around the submission date. If we plug in the real dates of assessment, and then submit 91 days after we started testing, the system errors due to >90.

    Introducing the notion of the defined assessment window of 90 days, and the CHQP review period (stated dates) might help…

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Performing & Submitting Assessments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  15. Requesting Inheritance for a Control - Make it easier submit the request.

    After deciding that a control was inheritable, we saw the link in the bottom left menu, but when the page displayed there was no active buttons and nothing to indicate that the request had not been submitted to the cloud service provider.

    After our inheritance requests sat in pending status for 3 days, we checked with HITRUST support to discover that we must select the Created link at the top, first, and then select the Submit to Vendor button that appears only after the create step in order to properly send the request.

    There is an opportunity to eliminate some…

    10 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Inheritance & Shared Responsibility  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  16. Diary Notifications and Indicators

    Add notifications when new diary entries are posted to an item that I haven't yet read. It would be great if this was visible at the domain and requirement statement level. It should be user specific - so once I read an entry, it turns the "New" notification off. This way I know when a subscriber leaves me a note or question, and they know when I leave a reply. I also upvoted the tagging option in diaries as this would be be a similar feature, but only if I can tell the difference between items I've read and haven't…

    7 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  General Usability  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  17. Submit Individual Questions that are reverted to External Assessor

    Capability that allows a user to submit a reverted Question to their External Assessor without waiting for the Domain and/or Assessment to be completed.

    11 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Performing & Submitting Assessments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  18. Flag for zero-occurrence / 0-pop requirements

    HITRUST's guidance allows zero-population requirements to be scored at fully compliant on the implemented level IF a well-defined policy and procedure exists for the assessed entity to observe should the related activity occur. However, MyCSF doesn't currently do a good job of allowing assessed entities and assessors to efficiently communicate this scenario. Because MyCSF requires that evidence be linked to a scored implemented PRISMA level, assessors are often forced to tag the policy or procedure documents to the implemented PRISMA level in this scenario. To remedy, MyCSF should offer a flag (e.g., a checkbox) which can be used to communicate…

    10 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Performing & Submitting Assessments  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  19. Display Message within the tool informing clients of bugs/patches or issues to be proactive and better inform

    When issues or bugs happen, it would be helpful to notify clients via notification or Red Flag Message in the tool to inform them. This would show the informed and proactive communication from HITRUST to the Clients to improve their experience within the MyCSF tool.

    5 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Notifications & Alerts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  20. Option to disable test environment notifications.

    Allow notifications from test environments to be turned off.

    11 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Notifications & Alerts  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
1 2 9 11 13 14 15 16
  • Don't see your idea?