335 results found
-
[BL] Heatmap Scorecards
Heatmap scorecards should include the Authoritative source section even if the related requirement statements was not scored. There should be an indicator on the scorecard that it was not assessed within the assessment
2 votes -
[BL] Data Type Classification for Documents
MyCSF should include the data type classification for documents. Example- if a document type is Classified and/or Confidential then only users within the organization should be able to view that document. Should also be a classification type that is acceptable for Assessors to view.
2 votes -
[BL] Disable Converting Assessment to Offline Assessment
If an Account has an offline assessment credit then mycsf should automatically have the excel spreadsheets ready to be downloaded. Assessors should be able to access this page as well only if they have been assigned to the assessment to be an assessor they can access the page to download the offline assessment spreadsheets.
2 votes -
[BL] Reminders to Assessors of open tasks
As part of the Kanban board MyCSF will display the number of times the tool has notified the external assessor that a QA task is pending with them over a time period (eg: 4 notifications sent over 8 weeks). This metric will be visible to HITRUST the customer and the external assessor. Also is predicated on the tool sending messages that a QA task has been assigned to the external assessor (NOT notifications).
2 votes -
[BL] Statements in Response Needed for Assessor should be able to modify Inheritance Weight
Statements reverted to the client from Assessor should be able to adjust the inheritance weights.
2 votes -
Allow reporting on dairy entries
Add the ability to include dairy entries in reports.
1 vote -
Auto-associating uploaded evidence based on special strings in filenames
When a file is uploaded evidence into an assessment, MyCSF should be able recognize special strings filename to automatically link the file with control maturity levels and/or requirements.
Some examples:
• A document uploaded with a title of "New hire population [Imp].xlsx" would automatically be linked to the requirement's implemented level.
• A file titled "IT security policies [Pol, Pro].pdf" would automatically be linked to the policy and procedure levels.
• An uploaded document with a title of "Termination samples IMP 3334.0.xlsx" would automatically be linked to the implemented level of the requirement with the CVID of 3334.0.This could…
1 vote -
Increase "Corrective Action" field in CAPs pop-up
In the "Corrective Action Plan" modal / pop-up accessible by pressing the "Edit" button for a single CAP listed in the "Corrective Action Plans" page: The "Corrective Action" field is way too small. It's only 3 lines tall, and it makes it very, very hard to read.
1 vote -
[BL] User Management in User Guide needs an Add User subtopic
The Admin topic in the user guide doesn't mention how to add a user. Also the 3.2 section shouldn't discuss the people tab. It should highlight the topics underneath it.
1 vote -
[BL] Snapshot of Scores over Time
Ability to look at an Assessment Statements scores over a specified range and interval.
1 vote -
[BL] Link from Dashboards to MyCSF
Provide a link on the dashboards to connect the user back to 2.0.
1 vote -
[BL] Navigation Button Colors in Spotfire
Adjust the Navigation button colors in Spotfire to something more distinct
1 vote -
[BL] MyCSF Forum
Create a MyCSF Help Forum and allow all users access to it. They can decide what name is displayed via a profile.
1 vote -
[BL] Allow Assessors to Generate Assessments in Preview State
Give the Assessor Organizations the ability to populate Assessments with Library Versions that are either in the state of "Published" or "Preview"
1 vote -
[BL] Allow Users to define First and Last Name when added to MyCSF
When a new user is created within MyCSF the user should be able to create/define their own First and Last name when first logging in to MyCSF.
1 vote -
[BL] Ability to Update an Assessment Name
Within the Name & Security page MyCSF should allow HITRUST Users to modify an Assessment name after it has been submitted to HITRUST.
1 vote -
[BL] Multi-Language Support in MyCSF
Allow a user to change the language presented in MyCSF
Possibly localization depending on User's browser setting
1 vote -
[BL] Root-level view for Control Reference within CSF Library
root-level view for control reference that opens up into the 156 control references and then opens up into the requirement statements listed under each control reference..
*Looking something like this: *
+ Control References
--- 00.a Information Security Management Program
--+ 01.a Access Control Policy
------- An access control policy shall be established documented and reviewed based on business and security requirements for access.
------- There shall be a formal documented and implemented user registration and de-registration procedure for granting and revoking access.If I understand correctly the problem with going through the category view is that control references may…
1 vote -
[BL] Weekly CAP SSRS Report
Automated Weekly Job to send HAX administrators CAP information within MyCSF. Delivery done in SSRS Report.
1 vote -
[BL] Submitted Date in Sidebar
Update the submitted by attribute on the sidebar to also log the date it was submitted.
1 vote
- Don't see your idea?