316 results found
-
CAP Management is far too time consuming
CAP management, especially when creating cloned objects to simply run hypothetical scenarios or to plan for a future, is far too inefficient.
There needs to be the ability to "select" via a check box all of the "links" to a CAP and delete them all at once.
There also needs to be the ability to do the same at the CAP level so that they can be deleted en masse.
It should not take anywhere from 10-80 (!!!) individual clicks and actions to simply delete a CAP.6 votesThis is an excellent idea, and it's actually already included in a CAP handling and reporting improvement initiative slated for roll-out a little later this year. I attached a screenshot of the mock-up. Thanks for the feedback and for your patience as we continue to improve the CAP functionality in MyCSF. If you're interested, we're happy to have a call to walk you through the rest of the CAP enhancements included in the initiative.
-
When viewing the linked documents for a particular Requirement Statement, documents should download with the original file name.
Linked documents, when downloaded from the linked documents pop-up, are first previewed in the new document preview window, and when downloaded, are presented with a guid-style file name instead of the original name.
7 votes -
Organize compliance factors by type
It would be helpful to organize the various authoritative sources on the factors page by type, similar to how the sources are organized in Microsoft's Trust Center. See pic for their example.
2 votes -
Map CSF to COSO Principles
Map CSF controls to COSO Principles in the HITRUST CSF Authoritative Sources Cross Reference
1 vote -
Data Clean Up
remove acccess to previous subscriber's data if non renewal
4 votes -
HITRUST Assessment Markup Language
This would allow an assessed entity or assessor to highlight and mark test in documents and automatically create a link to the control requirement statement from which it was accessed and allow them to select the maturity domain that the highlighted text supports. This could also be granular enough to allow it to tie to requirement criteria as defined in illustrative procedures and listed in MyCSF.
1 vote -
Additional feedback to Enumerate Illustrative Procedures...
Illustrative Procedures are presented in 'narrative' form. Given that the number of 'elements' in an Illustrative Procedure factors into the scoring formula, might not be optimum as ambiguous results can arise based on individual interpretation of the number of elements (not everyone is a champion sentence parser). Ergo, suggestions for revised Illustrative Procedures could be:
1) Bulletized elements with a numeric count provided; or
2) Embedded numbering (e.g. 01, _02, 03, etc.) to identify each salient element again with a numeric count.Additionally, dynamically providing enough blank fields (i.e. # of elements * 5 maturities) in client response areas…
6 votes -
collaboration
Very confusing whether multiple people can work in an assessment at one time or not. Sometimes save works, sometimes it doesn't and reverts to previous states. Make it clear how it works with clear UX like in google docs.
1 vote -
Implement a "Preview" CAPs option
Implement a "Preview" CAPs option before a "Generate" CAPs once the assessment is complete to enhance the QA process, allowing for the client to vet the caps and make sure they are confirmed allowing for more completeness, accuracy and integrity to the overall process.
5 votes -
Update "Change / Cancellation Policy" section on the Reservation tab
Can you update the "Change / Cancellation Policy" section on the Reservation tab to include the requirement that your submission date cannot be less than 2 weeks before the QA block selected. This requirement is not written out anywhere online but is enforced.
1 vote -
Make it easier to recall or reverse and assessment
It is difficult to reverse an assessment if a domain has been submitted. I am proposing making it easier for a submitter to reverse an assessment if it was submitted in error. Or add functionality so that organizational information can be updated even if a domain has been submitted for an external assessor review.
1 vote -
SSO through OIDC or SAML
SSO through OIDC or SAML. For a framework that places a heavy emphasis on role-based access controls and centralized identity management it seems only fitting that HITRUST implemented either OIDC or SAML.
12 votes -
API for External Assessor
Similar to the customer's offline assessment, the external assessors would like to have this ability as well.
2 votes -
2 votes
-
Required CAP Analytics Options
Currently there doesn't seem to be a single report that can be run that would filter all requirements needing a CAP AND the assessor comments. This may overlap with upcoming offline CAP worksheets, but currently is a manual process to create something incorporating all the information internal stakeholders want to see.
3 votes -
Selecting filtered inheritance requests should not select ALL inheritance requests
Steps to reproduce: Filter on rejected inheritance requests. Click "select All". Click on "remove" to delete the rejected requests. Poof! All your inheritance requests, even those already approved, will be gone. You can verify this without actually deleting them by clicking over to other views and observing all inheritance requests are selected after just selecting the rejected requests. Recovering from this bug is a manual, time consuming process.
1 vote -
Issue with offline upload
Hello, I'm having issues uploading the offline assessment to Opt1 – Shearwater Health 2022 Validated Assessment. It's saying 0 rows saved and 0 blank rows were skipped, but not updating the scores
2 votes -
Bulk Deletion
This is especially relevant to cloned assessments in my experience, but it would be nice if MyCSF had a feature to bulk-delete uploaded documents in the "Documents" section.
5 votes -
RDS
Add RDS button to the top panel - not intuitive as to how to get back to the options page
2 votes -
Adding a "LINKAGE" sheet in uploaded Excel workbooks tells MyCSF where to link the sheet throughout the assessment
Linking evidence throughout an assessment is time-consuming. To make it a tiny bit easier, and specifically when adding an Excel file as evidence, MyCSF should look for a LINKAGE worksheet in the uploaded workbook. If found, MyCSF should use the contents of that LINKAGE sheet to know where to link the workbook throughout the assessment.
The contents of the linkage sheet could be as simple as:
• column A: BUID or CVID of the requirement to link the workbook to
• column B: Link to the Policy level (Yes/No)
• column C: Link to the Process level (Yes/No)
• column…1 vote
- Don't see your idea?