MyCSF

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. ow do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. When creating a new assessment object AFTER already having been certified (i.e., in a re-certification scenario), MyCSF should have an option to include or NOT include the documentation linkages present in the previous assessment object.

    25 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Started  ·  0 comments  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Indicate when an inheritance is going to expire in less than XX days.

    Be able to identify in MyCSF analytics which requirements are inherited (customer view) and if any are expiring in less than 180 days.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Inheritance & Shared Responsibility  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. 3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  CSF & Authoritative Sources  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Pop up help on dashboard "reset" button

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. When changes are made to the CSF, but the version number is not bumped, a changelog should be published and assessors and subscribers should be alerted. Currently subscribers often create spreadsheets of requirements for internal use as they prepare for their next assessment.

    Sometimes, for a variety of reasons, the assessment object may get refreshed or even deleted and recreated. If a change has occurred to the CSF that didn't bump the version number, the subscriber will end up with an assessment object that doesn't 100% align with their preparation efforts. This is usually not discovered until well into the…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  CSF & Authoritative Sources  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. The process by which we as assessors take to determine what controls need sample testing is time-consuming and tedious. Since all the information is in MyCSF - why not make it much easier for us and develop the test plan automatically based on scope and factors? At least give us a list of which controls need testing and we can place that in the excel spreadsheet format.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  1 comment  ·  Documents & Evidence  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Provide a popup saying Thank you, your approval has been generated, or something letting the customer know that it worked. We probably clicked on it a dozen times before I called support. Support told me that it "just work that way". Please add some kind of response.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Clients should be able to pull a report to show the scoring breakdown of partially inherited requirement statements. The client can better prioritize their remediation plans by knowing what their portion of the score was.

    For example, a client may have partially inherited a score of 100% from a service provider with a weight of 75%. The client has not implemented this requirement in the portion of the environment that they are responsible for, so the remaining 25% of the score is 0%. Once the inheritance calculation occurs, the weighted average score that will appear in MyCSF and in their…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Inheritance & Shared Responsibility  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Customers lose visibility of the percentage number displayed in the inheritance request box when changing the browser zoom. Update display characteristics to dynamically change text size so a number is always present regardless of zoom. Zoom from 75% up to 150 percent should be supported.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Inheritance & Shared Responsibility  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Have the box turn green in each of the phases as they are completed. If something comes back and moves it to a lower phase make it red, the next phase should be highlighted in a new color.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  General Usability  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Field Update
    - Please add "Response Date" column in the table to analyze our SLA matrix
    - "Filter" : Please provide "Select All" checkbox so that by unchecking it we can select the required filter, right now, all fields and data items are marked in "Filter", it takes time to deselect every one of them.
    - Show total count for "All" like you have count specified for other fields e.g. "Approved (3000), Rejected (40)...et.c

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Inheritance & Shared Responsibility  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Adding a Dynamic Dashboard for Analysis purpose which can include options to create a dynamic / real time dashboard for Cloud Service Providers as well as Subscribers including but not limited to the following -
    - Month wise Inheritance Requests received
    - Subscriber wise IRs received
    - Status Report (Created | Approved | Rejected | Cancelled ...etc.)
    - Realtime Trend analysis to show increase / decrease in IRs.

    For Subscriber -
    - Realtime status report for their requests (Approved , Rejected ...etc.)

    Also a feature of Automated notification to CSPs and Subscribers on a
    weekly / Monthly / Yearly basis…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. When possible, authoritative sources should always appear as hyperlinks to the source itself. For example, anytime we show "NIST 800-53 R4 Control A-20" as a source, it should be presented at a link to https://nvd.nist.gov/800-53/Rev4/control/AC-20. These links should appear when authoritative sources are presented in the "References" section in the tool as well as within the sources presented in the "More Info > Authoritative Sources" window specific to the individual requirement statements.

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  General Usability  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. When creating a targeted assessment, MyCSF should show a percentage of the coverage of the authoritative source's requirements provided through the targeted assessment.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Custom & Targeted Assessments  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Once a control is selected for inheritance and the details are entered the inheritance button should change to another color. It would allow users to more easily track what work has already been completed and allow you a feature to develop reporting upon for what is currently selected.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Planned  ·  0 comments  ·  Inheritance & Shared Responsibility  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Flag the assessment as insufficient for a NIST certification prior to being submitted to HITRUST so that the entity and assessor can verify the scores for those requirement statements. Also a list of requirement statements that apply to a NIST certification would be helpful.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Potential Quailty Issues (PQIs)  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Provide option to automatically update MyCSF score related to CAP (Policy/Procedure/Implementation) for all requirements related to CAP upon selection of "completed" stage.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Corrective Action Plans (CAPs)  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. Update the role names under Names and Security. As assessors we are often assigned "Assessment Lead" rather than "Assessor". "Subscriber" is used elsewhere to identify those being assessed (e.g., Subscriber Comments). The identifiers should be consistent across the platform. Thanks.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Name & Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. Suggestion to add a document report which can show which document related to Policy, Procedure and evidence. Hence, we can filter out which file(s) was used for evidence and which file(s) were used for P&P.
    Thanks

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Under Specification  ·  0 comments  ·  Analytics & Reporting  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?