Implement a "Preview" CAPs option before a "Generate" CAPs once the assessment is complete to enhance the QA process, allowing for the client to vet the caps and make sure they are confirmed allowing for more completeness, accuracy and integrity to the overall process.

Group assessments by year

Hello, I'm having issues uploading the offline assessment to Opt1 – Shearwater Health 2022 Validated Assessment. It's saying 0 rows saved and 0 blank rows were skipped, but not updating the scores

This is especially relevant to cloned assessments in my experience, but it would be nice if MyCSF had a feature to bulk-delete uploaded documents in the "Documents" section.

Can you add the External Inheritance status to the main page for the Assessor view also? The status is displayed on our client's view and it would be good to have the same status in the Assessor view so that we can track and ensure our clients indeed submitted the inheritance requests to the external entity.

Feedback Forum Access not intuitive - trying to get to the main feedback forum page but there is no link and accessing the feedback feature does not allow the user to actually navigate to the broader feedback forum itself. Usability overall for Feedback and CAPs is an issue that results in highly inefficient time usage.

Currently there doesn't seem to be a single report that can be run that would filter all requirements needing a CAP AND the assessor comments. This may overlap with upcoming offline CAP worksheets, but currently is a manual process to create something incorporating all the information internal stakeholders want to see.

When viewing the linked documents for the Requirement Statements, each document should show the date that it was linked without having to go through the document repository especially in situations where we request for additional evidence from the assessor. From some assessments I have done so far, I noticed the assessors do not make reference to the newly linked documents so we have to go to the repository to check the date for all documents to see if any was added outside their testing period. This would really help to save time during QA review.

It would be nice that if a CAP is not started that MyCSF would be aware of such and not expect the assessor to do anything at interim. This would include attaching documentation since there is technically nothing for them to review. It is not user friendly to have to attach a document because the old score warrants it when there has not been any work done it.

Peer the test plan requirement, is there any way within MyCSF where the assessor can note this is SAMPLED requirement, so then the client does not submit evidence that cannot be used since the control request sampling?

Currently, only Subscribers can view the dedicated Inheritance screen. This includes the "Download CSV" button allowing for export of Inheritance data. This data is crucial to be available for test plan development for External Assessors outside of MyCSF. Beyond that, Subscribers look to their External Assessors to guide and assist them in using inheritance, which is difficult when we do not have access to that panel. Please consider allowing External Assessor roles to view and export all inheritance information and screens within MyCSF

When uploading evidence for controls often one piece of evidence is used for multiple controls or there are multiple evidence items supporting the same control stage (policy, procedure, implemented). The ability to copy the mapping from one item to another would be a huge time saver.

When an interim is generated it should also pull the documentation that was linked into the document library for the assessment and show the names of the documents within the expanded control requirement statement window. This will allow for all work to be done from within the interim versus having to hop between it and its associated full assessment. It would not link the documents, just pull them into the library and provide the listing. Links can be added once documents are updated for most current version.

Figuring out how to demonstrate and measure proof of compliance was a steep learning curve. The illustrative measurements were extremely helpful, but I spent a lot of time having to dig for them and reformatting them to make them more readable and easier to search. Being able to sort the measurements by unique ID, CSF objective, and system/organizational would be a powerful feature.

NO VALIDATED ASSESSMENT REPORT CREDITS AVAILABLE ASSESSMENT DOMAINS - This notification could be in RED Color?

Have the ability to have once place where interviewed names would be captured and then when populating the control artifacts, you have the ability to select from a drop down of pre-populated names and titles, instead of having to type each persons name and title for each and every control. This would save time.

Similar to the Certification badge icon, create and place new "Inheritance" badge on Org Home page to quickly identify which of the assessment(s) listed have been published for External Inheritance with a hover-over pop-up dialogue box with either of the following content: "Enabled on [Effective Date]" or "Disabled on [Effective Date]".