Skip to content

MyCSF

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

251 results found

  1. Adding a Dynamic Dashboard for Analysis purpose which can include options to create a dynamic / real time dashboard for Cloud Service Providers as well as Subscribers including but not limited to the following -
    - Month wise Inheritance Requests received
    - Subscriber wise IRs received
    - Status Report (Created | Approved | Rejected | Cancelled ...etc.)
    - Realtime Trend analysis to show increase / decrease in IRs.

    For Subscriber -
    - Realtime status report for their requests (Approved , Rejected ...etc.)

    Also a feature of Automated notification to CSPs and Subscribers on a
    weekly / Monthly / Yearly basis…

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Provide a popup saying Thank you, your approval has been generated, or something letting the customer know that it worked. We probably clicked on it a dozen times before I called support. Support told me that it "just work that way". Please add some kind of response.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Update the role names under Names and Security. As assessors we are often assigned "Assessment Lead" rather than "Assessor". "Subscriber" is used elsewhere to identify those being assessed (e.g., Subscriber Comments). The identifiers should be consistent across the platform. Thanks.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Clients should be able to pull a report to show the scoring breakdown of partially inherited requirement statements. The client can better prioritize their remediation plans by knowing what their portion of the score was.

    For example, a client may have partially inherited a score of 100% from a service provider with a weight of 75%. The client has not implemented this requirement in the portion of the environment that they are responsible for, so the remaining 25% of the score is 0%. Once the inheritance calculation occurs, the weighted average score that will appear in MyCSF and in their…

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Customers lose visibility of the percentage number displayed in the inheritance request box when changing the browser zoom. Update display characteristics to dynamically change text size so a number is always present regardless of zoom. Zoom from 75% up to 150 percent should be supported.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Have the box turn green in each of the phases as they are completed. If something comes back and moves it to a lower phase make it red, the next phase should be highlighted in a new color.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Field Update
    - Please add "Response Date" column in the table to analyze our SLA matrix
    - "Filter" : Please provide "Select All" checkbox so that by unchecking it we can select the required filter, right now, all fields and data items are marked in "Filter", it takes time to deselect every one of them.
    - Show total count for "All" like you have count specified for other fields e.g. "Approved (3000), Rejected (40)...et.c

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. When possible, authoritative sources should always appear as hyperlinks to the source itself. For example, anytime we show "NIST 800-53 R4 Control A-20" as a source, it should be presented at a link to https://nvd.nist.gov/800-53/Rev4/control/AC-20. These links should appear when authoritative sources are presented in the "References" section in the tool as well as within the sources presented in the "More Info > Authoritative Sources" window specific to the individual requirement statements.

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. When creating a targeted assessment, MyCSF should show a percentage of the coverage of the authoritative source's requirements provided through the targeted assessment.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. Flag the assessment as insufficient for a NIST certification prior to being submitted to HITRUST so that the entity and assessor can verify the scores for those requirement statements. Also a list of requirement statements that apply to a NIST certification would be helpful.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Provide option to automatically update MyCSF score related to CAP (Policy/Procedure/Implementation) for all requirements related to CAP upon selection of "completed" stage.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Suggestion to add a document report which can show which document related to Policy, Procedure and evidence. Hence, we can filter out which file(s) was used for evidence and which file(s) were used for P&P.
    Thanks

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Under "Assessment Options" consider rephrasing this question as follows - the "Report Processing" piece being capitalized makes it seem like a specific offering type, which is confusing.
    - From: "Will this Assessment be submitted to HITRUST for Report Processing?"
    - To: "Will this Assessment be submitted to HITRUST for certification?" or something similar.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Similar to waiting for DMV or to see a doctor, continually show assessment status. For example, state there are 30 assessments ahead of our submission, and update as our submission moves up the queue. Or show submitted assessment has an estimated 8 weeks to be viewed by QA assessor and adjust as the assessment gets closer to being viewed. It would be helpful to know this.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Allow offline work and upload to MyCSF for CAPs

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. Allow documents to be tagged as third party assurance reports in interims, bridges, and readiness assessments. Currently they can only be tagged as such in validated assessments.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. A search bar present in the "Assessment" page which searches the entire assessment for the given search term. The only search capability currently present are in the documents repository, and it only searches the document descriptions and document names. This new assessment-wide search should consider:
    - customer comments
    - assessor comments
    - requirement IDs
    - requirement statements
    - document names
    - document descriptions
    - CAP responses
    - diary entries
    - scoping factor responses
    - (pretty much everything entered in an assessment)

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. Current CSF controls do not take into account new remote working due to pandemic. The current CSF controls are not accurately reflecting current working environment and controls.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. When a client goes in and enters in their Corrective Action Plans, I think it would be helpful to have some supplementary guidance within the CAP form that describes what information HITRUST’s Assurance Team is going to expect during QA. As it stands now, there is very little context on what a client needs to provide in the ‘Corrective Action Plan’ box and it leads to some mixed results from the QA team. It would also be nice to understand the scored maturities within the CAP form rather than having to click out of the CAP box to see what…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. For timesheets and QA Sheets - it would be best to have this done electronically. Especially since we are remote - it's easier to have Executive and QA use the same document and electronically sign/initial.

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?