-
[BL] Ability to Update an Assessment Name
Within the Name & Security page MyCSF should allow HITRUST Users to modify an Assessment name after it has been submitted to HITRUST.
1 vote -
[BL] Multi-Language Support in MyCSF
Allow a user to change the language presented in MyCSF
Possibly localization depending on User's browser setting
1 vote -
[BL] Root-level view for Control Reference within CSF Library
root-level view for control reference that opens up into the 156 control references and then opens up into the requirement statements listed under each control reference..
*Looking something like this: *
+ Control References
--- 00.a Information Security Management Program
--+ 01.a Access Control Policy
------- An access control policy shall be established documented and reviewed based on business and security requirements for access.
------- There shall be a formal documented and implemented user registration and de-registration procedure for granting and revoking access.If I understand correctly the problem with going through the category view is that control references may…
1 vote -
[BL] Weekly CAP SSRS Report
Automated Weekly Job to send HAX administrators CAP information within MyCSF. Delivery done in SSRS Report.
1 vote -
[BL] Submitted Date in Sidebar
Update the submitted by attribute on the sidebar to also log the date it was submitted.
1 vote -
[BL] Unique ID added to Linked Statements Modal
Include the Unique ID with the Statements list within the Linked Statements component
1 vote -
[BL] Policy Management Module
Policy Management capabilities in MyCSF with linking
1 vote -
[BL] Schedule Delivery of Analytics Reports
The ability to set up a scheduler that enables a user or organization to define what report(s) are emailed to a user and when this occurs. In lieu of the actual Report being emailed, a reminder can be sent instead with a quick link to access the report(s).
1 vote -
[BL] Access Control Report
There should be a report in MyCSF to print the internal and external users (Name & Security information) with access to the assessment object.
1 vote -
Validated Targeted Assessment (PCI, AODG, CMMC, etc)
Scoped to any authoritative source or combination or multiple sources
Would require updates to the Assurance process and program
Can be based on any tailored combination controls0 votes -
Autogenerated FedRAMP Low, Medium, and High templates
Capability that allows a user to generate a FedRAMP Low, Moderate, and High templates directly from MyCSF given the Assessment selected the FedRAMP Regulatory Option (v9.4 support)
0 votes -
Autogenerated MARS-E SSP template
Capability that allows a user to generate a MARS-E SSP template directly from MyCSF given the Assessment selected the MARS-E Regulatory Option (v9.4 support)
0 votes -
[BL] Snapshot of Scores over Time
Ability to look at an Assessment Statements scores over a specified range and interval.
0 votes -
[BL] SSRS Comparison Report
Redeploy the Comparison Report that was offered in 1.0
0 votes -
[BL] Set Approving Manager for User
Allow an Account Admin or Assessment Lead to define a User's Approving Manager. These would require the Approving Manager to approve or reject the Scores as they were saved within MyCSF.
0 votes -
[BL] Password Requirements Feedback
When user is configuring/updating password display a box that informs them of their password complexity comparative to our strength requirements
0 votes -
[BL] Interim Assessment Table on Homepage
There should be a separate table for all Interim Assessments within an Organization displayed on the Homepage. There should be a clear label indicating that the Interim Assessment does not count against the 'Assessment Count'.
0 votes -
[BL] Only require Email Address when adding a New User
When adding a new user on an account MyCSF should only require the Account Admin or Super User to enter the users email address.
0 votes -
[BL] Expiration Date field should be Visible for Assessor Accounts
For Assessor Accounts the 'Expiration Date' field should be visible within the UI of the Administration page.
0 votes -
[BL] Submit Statements in unfinished Domains
Functional change that allows a user to submit Statements in a domain that isn't fully answered yet. This would go for both Responses for Assessor and QA as well.
0 votes
- Don't see your idea?