262 results found
-
michael.frederick@hitrustalliance.net
Allow for offline interim assessments with same features as full assessments.
1 vote -
Combine HIPAA Compliance Pack Spreadsheets
Combine the spreadsheets in the HIPAA compliance pack into one spreadsheet.
2 votes -
Change Versions on Custom Assessment Library
custom assessment library
2 votes -
Inheritance Expiration
Indicate when an inheritance is going to expire in less than XX days.
Be able to identify in MyCSF analytics which requirements are inherited (customer view) and if any are expiring in less than 180 days.3 votes -
Include requirement number when searching linked documents through Documents tab.
Right now, there is just the requirement statement and many times, if the document is attached in a domain more than once, it isn't even shown in order, so you have to search all around to find the requirement statement rather than just have the requirement number itself carry over into that Linked Statements Document view and easily searchable.
6 votes -
CAP Report Additional Information
Customer would like to include the CAP title, Domain, and Requirement statement ID associated with the CAP in the CAP report.
4 votes -
How do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
ow do i find out the percentage of Hospitals that have achieved HiTrust Certification? The Percentage that do not?
1 vote -
Automated Sample Test Plan
The process by which we as assessors take to determine what controls need sample testing is time-consuming and tedious. Since all the information is in MyCSF - why not make it much easier for us and develop the test plan automatically based on scope and factors? At least give us a list of which controls need testing and we can place that in the excel spreadsheet format.
9 votes -
Option to NOT include attachments from previous certification in the next assessment object
When creating a new assessment object AFTER already having been certified (i.e., in a re-certification scenario), MyCSF should have an option to include or NOT include the documentation linkages present in the previous assessment object.
26 votes -
3 votes
-
Reset button pop up help
Pop up help on dashboard "reset" button
1 vote -
Inheritance Request Dynamic Dashboard
Adding a Dynamic Dashboard for Analysis purpose which can include options to create a dynamic / real time dashboard for Cloud Service Providers as well as Subscribers including but not limited to the following -
- Month wise Inheritance Requests received
- Subscriber wise IRs received
- Status Report (Created | Approved | Rejected | Cancelled ...etc.)
- Realtime Trend analysis to show increase / decrease in IRs.For Subscriber -
- Realtime status report for their requests (Approved , Rejected ...etc.)Also a feature of Automated notification to CSPs and Subscribers on a
weekly / Monthly / Yearly basis…3 votes -
When I click on the HITRUST CSF Draft Report Approved Button, it doesn't give any indication that it is doing anything.
Provide a popup saying Thank you, your approval has been generated, or something letting the customer know that it worked. We probably clicked on it a dozen times before I called support. Support told me that it "just work that way". Please add some kind of response.
4 votes -
Standardize role names
Update the role names under Names and Security. As assessors we are often assigned "Assessment Lead" rather than "Assessor". "Subscriber" is used elsewhere to identify those being assessed (e.g., Subscriber Comments). The identifiers should be consistent across the platform. Thanks.
3 votes -
Report to show the scoring breakdown of partially inherited requirement statements
Clients should be able to pull a report to show the scoring breakdown of partially inherited requirement statements. The client can better prioritize their remediation plans by knowing what their portion of the score was.
For example, a client may have partially inherited a score of 100% from a service provider with a weight of 75%. The client has not implemented this requirement in the portion of the environment that they are responsible for, so the remaining 25% of the score is 0%. Once the inheritance calculation occurs, the weighted average score that will appear in MyCSF and in their…
4 votes -
Update Inheritance percentage selection box
Customers lose visibility of the percentage number displayed in the inheritance request box when changing the browser zoom. Update display characteristics to dynamically change text size so a number is always present regardless of zoom. Zoom from 75% up to 150 percent should be supported.
2 votes -
KABAN View
Have the box turn green in each of the phases as they are completed. If something comes back and moves it to a lower phase make it red, the next phase should be highlighted in a new color.
2 votes -
Inheritance Approval Table enhancement
Field Update
- Please add "Response Date" column in the table to analyze our SLA matrix
- "Filter" : Please provide "Select All" checkbox so that by unchecking it we can select the required filter, right now, all fields and data items are marked in "Filter", it takes time to deselect every one of them.
- Show total count for "All" like you have count specified for other fields e.g. "Approved (3000), Rejected (40)...et.c2 votes -
Authoritative sources should be hyperlinks back to the authoritative source text where possible
When possible, authoritative sources should always appear as hyperlinks to the source itself. For example, anytime we show "NIST 800-53 R4 Control A-20" as a source, it should be presented at a link to https://nvd.nist.gov/800-53/Rev4/control/AC-20. These links should appear when authoritative sources are presented in the "References" section in the tool as well as within the sources presented in the "More Info > Authoritative Sources" window specific to the individual requirement statements.
10 votes -
Assessment-wide search capability
A search bar present in the "Assessment" page which searches the entire assessment for the given search term. The only search capability currently present are in the documents repository, and it only searches the document descriptions and document names. This new assessment-wide search should consider:
- customer comments
- assessor comments
- requirement IDs
- requirement statements
- document names
- document descriptions
- CAP responses
- diary entries
- scoping factor responses
- (pretty much everything entered in an assessment)8 votes
- Don't see your idea?