-
How do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
ow do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
1 vote -
Option to NOT include attachments from previous certification in the next assessment object
When creating a new assessment object AFTER already having been certified (i.e., in a re-certification scenario), MyCSF should have an option to include or NOT include the documentation linkages present in the previous assessment object.
25 votes -
Inheritance Expiration
Indicate when an inheritance is going to expire in less than XX days.
Be able to identify in MyCSF analytics which requirements are inherited (customer view) and if any are expiring in less than 180 days.2 votes -
3 votes
-
Reset button pop up help
Pop up help on dashboard "reset" button
1 vote -
Publish changelog and alert when the CSF is changed, but version number not incremented
When changes are made to the CSF, but the version number is not bumped, a changelog should be published and assessors and subscribers should be alerted. Currently subscribers often create spreadsheets of requirements for internal use as they prepare for their next assessment.
Sometimes, for a variety of reasons, the assessment object may get refreshed or even deleted and recreated. If a change has occurred to the CSF that didn't bump the version number, the subscriber will end up with an assessment object that doesn't 100% align with their preparation efforts. This is usually not discovered until well into the…
2 votes -
Automated Sample Test Plan
The process by which we as assessors take to determine what controls need sample testing is time-consuming and tedious. Since all the information is in MyCSF - why not make it much easier for us and develop the test plan automatically based on scope and factors? At least give us a list of which controls need testing and we can place that in the excel spreadsheet format.
7 votes -
When I click on the HITRUST CSF Draft Report Approved Button, it doesn't give any indication that it is doing anything.
Provide a popup saying Thank you, your approval has been generated, or something letting the customer know that it worked. We probably clicked on it a dozen times before I called support. Support told me that it "just work that way". Please add some kind of response.
4 votes -
Report to show the scoring breakdown of partially inherited requirement statements
Clients should be able to pull a report to show the scoring breakdown of partially inherited requirement statements. The client can better prioritize their remediation plans by knowing what their portion of the score was.
For example, a client may have partially inherited a score of 100% from a service provider with a weight of 75%. The client has not implemented this requirement in the portion of the environment that they are responsible for, so the remaining 25% of the score is 0%. Once the inheritance calculation occurs, the weighted average score that will appear in MyCSF and in their…
4 votes -
Update Inheritance percentage selection box
Customers lose visibility of the percentage number displayed in the inheritance request box when changing the browser zoom. Update display characteristics to dynamically change text size so a number is always present regardless of zoom. Zoom from 75% up to 150 percent should be supported.
2 votes -
KABAN View
Have the box turn green in each of the phases as they are completed. If something comes back and moves it to a lower phase make it red, the next phase should be highlighted in a new color.
2 votes -
Inheritance Approval Table enhancement
Field Update
- Please add "Response Date" column in the table to analyze our SLA matrix
- "Filter" : Please provide "Select All" checkbox so that by unchecking it we can select the required filter, right now, all fields and data items are marked in "Filter", it takes time to deselect every one of them.
- Show total count for "All" like you have count specified for other fields e.g. "Approved (3000), Rejected (40)...et.c2 votes -
Inheritance Request Dynamic Dashboard
Adding a Dynamic Dashboard for Analysis purpose which can include options to create a dynamic / real time dashboard for Cloud Service Providers as well as Subscribers including but not limited to the following -
- Month wise Inheritance Requests received
- Subscriber wise IRs received
- Status Report (Created | Approved | Rejected | Cancelled ...etc.)
- Realtime Trend analysis to show increase / decrease in IRs.For Subscriber -
- Realtime status report for their requests (Approved , Rejected ...etc.)Also a feature of Automated notification to CSPs and Subscribers on a
weekly / Monthly / Yearly basis…2 votes -
Authoritative sources should be hyperlinks back to the authoritative source text where possible
When possible, authoritative sources should always appear as hyperlinks to the source itself. For example, anytime we show "NIST 800-53 R4 Control A-20" as a source, it should be presented at a link to https://nvd.nist.gov/800-53/Rev4/control/AC-20. These links should appear when authoritative sources are presented in the "References" section in the tool as well as within the sources presented in the "More Info > Authoritative Sources" window specific to the individual requirement statements.
10 votes -
Show % coverage of authoritative source when creating a targeted assessment
When creating a targeted assessment, MyCSF should show a percentage of the coverage of the authoritative source's requirements provided through the targeted assessment.
1 vote -
Inheritance Color Coding
Once a control is selected for inheritance and the details are entered the inheritance button should change to another color. It would allow users to more easily track what work has already been completed and allow you a feature to develop reporting upon for what is currently selected.
3 votes -
Nist certifications
Flag the assessment as insufficient for a NIST certification prior to being submitted to HITRUST so that the entity and assessor can verify the scores for those requirement statements. Also a list of requirement statements that apply to a NIST certification would be helpful.
3 votes -
Automatic Update upon CAP completion
Provide option to automatically update MyCSF score related to CAP (Policy/Procedure/Implementation) for all requirements related to CAP upon selection of "completed" stage.
2 votes -
Standardize role names
Update the role names under Names and Security. As assessors we are often assigned "Assessment Lead" rather than "Assessor". "Subscriber" is used elsewhere to identify those being assessed (e.g., Subscriber Comments). The identifiers should be consistent across the platform. Thanks.
2 votes -
Comprehensive Document report
Suggestion to add a document report which can show which document related to Policy, Procedure and evidence. Hence, we can filter out which file(s) was used for evidence and which file(s) were used for P&P.
Thanks2 votes
- Don't see your idea?