Under "Assessment Options" consider rephrasing this question as follows - the "Report Processing" piece being capitalized makes it seem like a specific offering type, which is confusing.
- From: "Will this Assessment be submitted to HITRUST for Report Processing?"
- To: "Will this Assessment be submitted to HITRUST for certification?" or something similar.

Allow documents to be tagged as third party assurance reports in interims, bridges, and readiness assessments. Currently they can only be tagged as such in validated assessments.

A search bar present in the "Assessment" page which searches the entire assessment for the given search term. The only search capability currently present are in the documents repository, and it only searches the document descriptions and document names. This new assessment-wide search should consider:
- customer comments
- assessor comments
- requirement IDs
- requirement statements
- document names
- document descriptions
- CAP responses
- diary entries
- scoping factor responses
- (pretty much everything entered in an assessment)

Allow offline work and upload to MyCSF for CAPs

Similar to waiting for DMV or to see a doctor, continually show assessment status. For example, state there are 30 assessments ahead of our submission, and update as our submission moves up the queue. Or show submitted assessment has an estimated 8 weeks to be viewed by QA assessor and adjust as the assessment gets closer to being viewed. It would be helpful to know this.

For timesheets and QA Sheets - it would be best to have this done electronically. Especially since we are remote - it's easier to have Executive and QA use the same document and electronically sign/initial.

Suggestion. It would be helpful if you put a link in the NEED HELP popup that indicates "Click here for User Guide"; And or as a tab at the top of every screen. Every time I have a problem, I try to figure out where the tab is. Because I am thinking of many things at once, I usually contract the Help Desk. Thank you, Anita Harris

In the kanban view, the little (i) icons can be moused over to see how many outstanding items exist for the assessed entity, the assessor, or HITRUST. It would be helpful if there was a 4th task "owner" listed to reflect how many outstanding inheritance requests exist which are preventing the assessment from leaving the phase / state. Right now these are all showing up under the assessed entity, but in reality the assessed entity could be waiting for one of their service providers to approve their inheritance requests.

For requirements involving inheritance, there should be a button where the external assessors can either agree with the selected inheritance weight or disagree and suggest a new inheritance weight, similar to what exists for the maturity level scores. Rejecting the weight would send the requirement back to the client.

MyCSF should have a mechanism to suggest scoping factor changes based upon a pattern of Not Applicables applied when responding to the Assessment

for N/A requirements, change to a single "agree with N/A"

Current CSF controls do not take into account new remote working due to pandemic. The current CSF controls are not accurately reflecting current working environment and controls.

MyCSF should display the scoring weights that are in use for the assessment object on the assessment page to avoid confusion around which weights are being utilized.

Use different contrasting colors for the two options below, please.

Response Status: External Assessor Review Complete
Response Status: External Assessor Review Pending

Unique IDs should be apparent throughout MyCSF and within all reports and analytic tools. For example, a user should not have the click on the "Expand" button within the Assessment to view the unique IDs. Unique IDs should also be available when linking documents, rather than trying to match up the statement language. All reports and analytic tools should reference unique IDs when presenting material by requirement statement.

references

Have an option to automatically generate a CAP entry for all requirements scored with a gap. CAP name would include (Auto "control name" )

Something like the attached example