MyCSF

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add reporting of user activity. Specifically provide reporting of returned requirements (user activity reporting) for an assessment. Providing the ability to specific a date range and see the user specific activities on each requirement (history).

    3 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  2. The CAP Report that Subscribers and Assessors can download should include a column to indicate which maturity domains (policy, process, or implemented) are deficient. This will help subscribers and assessors review CAPs to ensure that the corrective actions are addressing all deficient levels.

    2 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  3. Within an Assessment, the tool should clearly indicate/label inputs that are included in the HITRUST issued Report.

    14 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  2 comments  ·  Performing & Submitting Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  4. One of the most time consuming tasks in performing assessments is the linkage of documentation. I think it would be helpful if our documentation repository creates a slot for each document. The slot is then mapped in a one to many relationship model to control requirements. The documents are then uploaded to the virtual slot. The big advantage is that documents in the slots can be automatically mapped to any assessment object and if the most recently reviewed version of a policy is uploaded to the slot to replace the old version, the new one automatically mapped as well. This…

    2 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →
  5. Allow a CAP be assignable to a User in an Organization. This wouldn't permit them to add new CAPs or link to Statements, but would allow them to modify the fields of CAPs they're assigned.

    9 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Corrective Action Plans (CAPs)  ·  Flag idea as inappropriate…  ·  Admin →
  6. Specifically enumerate all required policy statements and items for each requirement at the policy and procedure level as a checklist. Hiding specific requirements inside the repetitive narrative of the illustrative procedures makes it extremely difficult to parse-out what is required in policy and procedure documentation. While you're at it, remove the repetitive language all together since it's obvious for each control that "ad hoc or well understood blah blah" is already partially acceptable by your rubric and focus on giving more examples of acceptable language or implementations or links to relevant information.

    6 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  CSF & Authoritative Sources  ·  Flag idea as inappropriate…  ·  Admin →
  7. MyCSF should allow users to perform a keyword search throughout all attached documents. While this obviously wont search screenshots and non-OCR'd PDFs, the ability to do a mass search of all uploaded documents in one run would be valuable.

    16 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →
  8. When HITRUST reverts an submitted assessment back to either an assessor or to the subscriber, MyCSF should have a field available for HITRUST to state why the assessment was reverted. This field should be required, and this field's contents should be made visible to the subscriber and assessor.

    3 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Usability  ·  Flag idea as inappropriate…  ·  Admin →
  9. Like in 1.0 click a document that is associated and bring up the information related to it.
    Document Preview without Downloading would be niceThis reader should be view-only (no edits)… in a future version we’d like edit capability (e.g. to allow annotations such as textboxes… if we can even get a read-only viewer for the time being that would be a big win)
    Allows a document to be viewed in the browser and optionally downloaded
    Maybe mimic the O365 outlook model or Google Drive model of handling files?
    only supports these file types:
    PICTURES: jpg png bmp tiff jpeg
    PORTABLE…

    17 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Proposed  ·  1 comment  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enhance the Average Domain by Maturity Rating Report to also report on the Assessor's suggested maturity scores. The current Average Domain by Maturity Rating Report only reports the maturity scores entered by the subscriber. During an assessment project, there is not a method for the customer to generate a report that reflects the proposed maturity scores from the assessor. In order to prioritize their efforts, subscribers often need to understand whether a domain has obtained a passing score or not. Currently, they need to accept all the scores from the assessors or create a manual report outside of the MyCSF…

    2 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →
  11. Specific Statuses for Interim processing post-submission

    6 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Interim Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  12. When populating an assessment, MyCSF should offer comment fields for each control maturity level instead of just having one big comment field for the whole requirement. See attached pic.

    2 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Usability  ·  Flag idea as inappropriate…  ·  Admin →
  13. If a document was identified as associated with a requirement statement or requirement statement's PRISMA attribute(s), the assessor should be given an easy way to flag items as irrelevant to the PRISMA attribute and to the requirement statement. Its common for the customer to link files that may be related to other requirements but not necessarily to the requirement statement at hand.

    14 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →
  14. When issues or bugs happen, it would be helpful to notify clients via notification or Red Flag Message in the tool to inform them. This would show the informed and proactive communication from HITRUST to the Clients to improve their experience within the MyCSF tool.

    5 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Notifications & Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  15. After deciding that a control was inheritable, we saw the link in the bottom left menu, but when the page displayed there was no active buttons and nothing to indicate that the request had not been submitted to the cloud service provider.

    After our inheritance requests sat in pending status for 3 days, we checked with HITRUST support to discover that we must select the Created link at the top, first, and then select the Submit to Vendor button that appears only after the create step in order to properly send the request.

    There is an opportunity to eliminate some…

    8 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Inheritance & Shared Responsibility  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow notifications from test environments to be turned off.

    11 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Notifications & Alerts  ·  Flag idea as inappropriate…  ·  Admin →
  17. Please provide an option to both Save and Close the window when linking documents to a requirement statement. Right now, this takes 2 clicks. We have to save the document links before we can close... then we have to close to get back out to the requirement statement to complete our scoring. It's a lot of clicking already to link all the documents. Please take one click away. Thank you!

    5 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →
  18. There are times when the addition of assessor team quality review pushes past the 90-day window. We get backlogged the same way you do. We always adhere to the 90-day window for accepting and reviewing evidence, and we can demonstrate that reasonably. But it would be helpful if there was some flexibility around the submission date. If we plug in the real dates of assessment, and then submit 91 days after we started testing, the system errors due to >90.

    Introducing the notion of the defined assessment window of 90 days, and the CHQP review period (stated dates) might help…

    2 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Performing & Submitting Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Adding Documents to each control, there is not a way to search for the document, except by name. There needs to be a listing like a . function to pull up your list to choose.

    3 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →
  20. Date of Submission should be when HT approves Assessment

    9 votes
    Sign in
    (thinking…)
    Sign in with:
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Performing & Submitting Assessments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?