274 results found
-
[BL] Reminders to Assessors of open tasks
As part of the Kanban board MyCSF will display the number of times the tool has notified the external assessor that a QA task is pending with them over a time period (eg: 4 notifications sent over 8 weeks). This metric will be visible to HITRUST the customer and the external assessor. Also is predicated on the tool sending messages that a QA task has been assigned to the external assessor (NOT notifications).
2 votes -
[BL] Statements in Response Needed for Assessor should be able to modify Inheritance Weight
Statements reverted to the client from Assessor should be able to adjust the inheritance weights.
2 votes -
Allow reporting on dairy entries
Add the ability to include dairy entries in reports.
1 vote -
Auto-associating uploaded evidence based on special strings in filenames
When a file is uploaded evidence into an assessment, MyCSF should be able recognize special strings filename to automatically link the file with control maturity levels and/or requirements.
Some examples:
• A document uploaded with a title of "New hire population [Imp].xlsx" would automatically be linked to the requirement's implemented level.
• A file titled "IT security policies [Pol, Pro].pdf" would automatically be linked to the policy and procedure levels.
• An uploaded document with a title of "Termination samples IMP 3334.0.xlsx" would automatically be linked to the implemented level of the requirement with the CVID of 3334.0.This could…
1 vote -
Increase "Corrective Action" field in CAPs pop-up
In the "Corrective Action Plan" modal / pop-up accessible by pressing the "Edit" button for a single CAP listed in the "Corrective Action Plans" page: The "Corrective Action" field is way too small. It's only 3 lines tall, and it makes it very, very hard to read.
1 vote -
[BL] Delegate Maturities
Capability to delegate specific maturities of a Statement
1 vote -
[BL] User Management in User Guide needs an Add User subtopic
The Admin topic in the user guide doesn't mention how to add a user. Also the 3.2 section shouldn't discuss the people tab. It should highlight the topics underneath it.
1 vote -
[BL] Link from Dashboards to MyCSF
Provide a link on the dashboards to connect the user back to 2.0.
1 vote -
[BL] Navigation Button Colors in Spotfire
Adjust the Navigation button colors in Spotfire to something more distinct
1 vote -
[BL] MyCSF Forum
Create a MyCSF Help Forum and allow all users access to it. They can decide what name is displayed via a profile.
1 vote -
[BL] Allow Assessors to Generate Assessments in Preview State
Give the Assessor Organizations the ability to populate Assessments with Library Versions that are either in the state of "Published" or "Preview"
1 vote -
[BL] Scorecard SSRS Report
Design a cleaner looking SSRS Report option for the Authoritative Source Scorecards
1 vote -
[BL] Heatmap Scorecards
Heatmap scorecards should include the Authoritative source section even if the related requirement statements was not scored. There should be an indicator on the scorecard that it was not assessed within the assessment
1 vote -
[BL] Allow Users to define First and Last Name when added to MyCSF
When a new user is created within MyCSF the user should be able to create/define their own First and Last name when first logging in to MyCSF.
1 vote -
[BL] Due Dates for User Delegation
Allow a User to specify the due date of a Statement that has been assigned to an individual. Notifications centered around these Statements 7310 days from deadline.
1 vote -
[BL] Ability to Update an Assessment Name
Within the Name & Security page MyCSF should allow HITRUST Users to modify an Assessment name after it has been submitted to HITRUST.
1 vote -
[BL] Multi-Language Support in MyCSF
Allow a user to change the language presented in MyCSF
Possibly localization depending on User's browser setting
1 vote -
[BL] Root-level view for Control Reference within CSF Library
root-level view for control reference that opens up into the 156 control references and then opens up into the requirement statements listed under each control reference..
*Looking something like this: *
+ Control References
--- 00.a Information Security Management Program
--+ 01.a Access Control Policy
------- An access control policy shall be established documented and reviewed based on business and security requirements for access.
------- There shall be a formal documented and implemented user registration and de-registration procedure for granting and revoking access.If I understand correctly the problem with going through the category view is that control references may…
1 vote -
[BL] Weekly CAP SSRS Report
Automated Weekly Job to send HAX administrators CAP information within MyCSF. Delivery done in SSRS Report.
1 vote -
[BL] Submitted Date in Sidebar
Update the submitted by attribute on the sidebar to also log the date it was submitted.
1 vote
- Don't see your idea?