Search
Related topics are listed below.
External Inheritance
Inheritance » External Inheritance
External Inheritance allows users to “inherit” assessment results that are shared by the same or different organizational entity. Access and use of external inheritance is subject to the following requirements and available functionality: The owner of the…
How To Create External Inheritance Requests by Requirement
Inheritance » External Inheritance » Inheritance Requestors » How To Create External Inheritance Requests by Requirement
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal window. 2. From the ‘Requests’ tab within the Inheritance Modal, select ‘External’ from the drop-down for the…
Inheritance
Inheritance
Inheritance is a feature within MyCSF that allows maturity level scores associated with specific requirements to be transferred, or “inherited”, from previously scored assessment objects. Maturity scores that originated from an “inheritable” assessment…
How To Delete External Inheritance Requests
Inheritance » External Inheritance » Inheritance Requestors » How To Delete External Inheritance Requests
Follow the same steps in 8.1.3 for deleting internal inheritance requests. 1. Locate the Inheritance Request in the Inheritance modal, then click on the trash can icon to delete. 2. Confirm the removed. 3. The request has been deleted.
How To Apply Approved External Inheritance Requests
Inheritance » External Inheritance » Inheritance Requestors » How To Apply Approved External Inheritance Requests
1. From anywhere within the Assessment view, go to the ‘Inheritance’ request page by clicking on the ‘Inheritance’ link located on the left-hand side panel after the ‘Documents’ section. 2. From the ‘Inheritance’ request page, click on the…
Internal Inheritance
Inheritance » Internal Inheritance
Internal Inheritance allows users to “inherit” assessment results that are shared by the same internal organizational entity. Access and use of internal inheritance is subject to the following requirements and available functionality: The owner(s) of both the…
How To Submit External Inheritance Requests for Approval
Inheritance » External Inheritance » Inheritance Requestors » How To Submit External Inheritance Requests for Approval
1. From anywhere within the Assessment view, go to the ‘Inheritance’ request page by clicking on the ‘Inheritance’ link located on the left-hand side panel after the ‘Documents’ section. 2. From the ‘Inheritance’ request page, click on the…
How To Request Inheritance Using the Offline Assessment Template
Inheritance » External Inheritance » Inheritance Requestors » How To Request Inheritance Using the Offline Assessment Template
To create inheritance requests using the offline assessment, first generate the offline assessment worksheet using the process outlined in the Creating an Offline Assessment section of the User Guide. Locate and click the “Inheritance” tab in the Offline…
Offline Assessment – Inheritance
Assessment Questionnaire » Completing an Assessment » Offline Assessment – Inheritance
The Offline Assessment feature may be used to populate inheritance requests. For more information refer to the following link: How to Request Inheritance using the Offline Assessment Template
External Reports
Analytics » Reports » External Reports
These reports are available for subscribers to view their MyCSF Scoping Information as well as Documents, CAPs entered, Maturity Scores, and the state of your Assessment in the ‘QA Progress Report’. Internal Reports After authenticating through the…
How To Delete Internal Inheritance Requests
Inheritance » Internal Inheritance » How To Delete Internal Inheritance Requests
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal. 2. Within the Inheritance Modal, go the ‘Requests’ tab and select ‘Internal’ from the drop-down. 3. Click…
How To Create/Apply Internal Inheritance Requests
Inheritance » Internal Inheritance » How To Create/Apply Internal Inheritance Requests
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button (yellow underline) to open the Inheritance window. 2. From the ‘Requests’ tab within the Inheritance window, select ‘Internal’ from the…
Submitting External Assessor Reverted Controls Back to the External Assessor
Assessment Questionnaire » Submitting an Assessment » Submitting External Assessor Reverted Controls Back to the External Assessor
When an External Assessor reverts an Assessment Statement back to their client, the returned Assessment Statement will display a “Response Needed for External Assessor” status. To address these Assessment Statements, you as the client will need to do the…
How To Use the Kanban View To Track Inheritance Requests
Inheritance » External Inheritance » Inheritance Requestors » How To Use the Kanban View To Track Inheritance Requests
The Kanban reporting view can be used to confirm the submitted inheritance requests. Find the Kanban board by: 1. Clicking the Views option in MyCSF and selecting the Kanban View. 2. Then filter for the assessment object name. Hovering over the assessment tile…
Request a Revision for an Issued Report
Reports » r2 and i1 Assessments » Request a Revision for an Issued Report
If you have discovered a spelling error or any type of inaccuracy in your ‘Draft Report’, you can request a revision by pressing the ‘Request Revision’ button. You will be able to place your comment in a text box that you can send to the HITRUST Assurance…
How To View Externally-Inherited Assessment Scores
Inheritance » External Inheritance » Inheritance Requestors » How To View Externally-Inherited Assessment Scores
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal. 2. Within the Inheritance Modal, click on the ‘Scoring’ tab. The first line shows the external assessment from which…
How To View Internally-Inherited Assessment Scores
Inheritance » Internal Inheritance » How To View Internally-Inherited Assessment Scores
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal. 2. Within the Inheritance Modal, click on the ‘Scoring’ tab. The first line shows the internal assessment from which…
Approving a Draft Report
Reports » r2 and i1 Assessments » Approving a Draft Report
‘Draft Reports’ are automatically approved 30 days after posting. However, the reports can be manually approved prior to the 30 days, by selecting the ‘Approve HITRUST CSF Report’ button on the ‘CSF Reports’ section, HITRUST will then be notified to…
Enabling Internal Assessors On Your Assessment
Internal Assessors » Enabling Internal Assessors On Your Assessment
After your Internal Assessor application has been approved, the Name and Security page on your Organization’s Assessment will be altered to include a checkbox allowing you to mark your Assessment as having been tested by Internal Assessors. When selected, you will be…
Applying to be an Internal Assessor
Internal Assessors » Applying to be an Internal Assessor
Internal Assessors are those personnel who facilitate the CSF Assessment process by performing in-house testing in advance of an External Assessor’s validated assessment fieldwork. Internal Assessors are part of an “Internal Assessment Function.” This function…
Uploading Evidence
Documents » Uploading Evidence
Upload a piece of evidence you believe will aid you in your assessment. The documents you provide will help support the ‘Assessor’ on why certain Maturity Value selections were made. From the MyCSF Homepage, click on the Assessment name you would like to…
Assessor Timesheet
Documents » Assessor Timesheet
Required for all Validated Assessments, assessor organizations must record all individuals that assisted with the submission of the assessment. External Assessor Time Sheet 1. On the sidebar, click the ‘Time Sheet’ label to be rushed to the Time Sheet page.…
How to Publish (Enable) Assessment Inheritability
Inheritance » External Inheritance » Inheritance Providers » How to Publish (Enable) Assessment Inheritability
From the ‘Name & Security’ pre-assessment page, check the box next to “Published” and click Confirm when prompted to agree to the Inheritance User Terms and Conditions. A published assessment will show a banner icon with a hover-over tooltip next the…
MyCSF Compliance and Reporting Packs
Analytics » MyCSF Compliance and Reporting Packs
MyCSF Compliance and Reporting Pack for HIPAA Step 1: Create a readiness, validated, or targeted assessment using v9.5.0 or later which includes the HIPAA breach notification rule and/or HIPAA security rule. Step 2: Go to Analytics > Compliance Packs > Select…
r2 and i1 Assessments
Reports » r2 and i1 Assessments
Report creation and distribution for i1 and r2 assessments follow the same workflow in MyCSF: Downloading the Report Request a Revision for an Issued Report Approving a Draft Report
Reports
Reports
Reports issued against the HITRUST CSF are uploaded and shared within MyCSF. Follow the steps outlined in these topics for help downloading, approving, and requesting changes for a Report. From the MyCSF Homepage, click on the Assessment name of the report you…
Reports
Analytics » Reports
Find your Internal and External Reports housed under the ‘Reports’ section of the ‘Analytics’ portion of ‘MyCSF’. Reports After authenticating through the MyCSF Portal, click on ‘Analytics’ in the top Menu bar. Once…
Completing your Internal Assessor Time Sheet
Internal Assessors » Completing your Internal Assessor Time Sheet
Like External Assessors, Internal Assessors are obligated to document both the individuals who performed Internal Assessor duties on the Assessment as well as the hours they each committed. On the sidebar, click the ‘Internal Assessor Time Sheet’ label to be…
Library Retention
Pre-Assessment » Scoping an Assessment » Library Retention
The Library Retention feature provides visibility into specific changes associated with HITRUST CSF version updates, and allows users to apply those changes to assessment objects created under previous versions of the framework. To begin the update process, open an…
Internal Assessors
Internal Assessors
Organizations, that are capable of demonstrating proficiency within their Internal Audit departments, are permitted to test their own Requirement Statements and enable their External Assessor to rely on the results. Click here to learn more. Sub-topics Applying to…
HITRUST’s Criteria for Submission
Assessment Questionnaire » Submitting an Assessment » HITRUST’s Criteria for Submission
If you have completed all of the Assessments Statements in either your Self or Validated Assessment to HITRUST, please verify that the below is covered before submitting it. 1. Ensure that the following Required Documents have been uploaded with the correct dates as…
Submitting an Assessment
Assessment Questionnaire » Submitting an Assessment
Whether submitting a Self-Assessment or a Validated Assessment by your assessor organization, the Assessment Questionnaire can be submitted either by each fully completed domain (Validated only) or by completing the entire Assessment (Self-Assessment/Validated…
Answering Requirement Statements
Internal Assessors » Answering Requirement Statements
By Default, all Requirement Statements will be inherently owned by Management. If you wish to provide the scoring as an Internal Assessor, you can either designate individual Requirement Statements or entire Assessment Domains as having be addressed by an Internal…
Home
Analytics » Dashboards » Home
Here you will see your total ‘Assessments’, ‘Avg. Maturity Score per Domain’, as well as your ‘Gap Status’, and ‘Residual Risk Rating’ charts. Home – Here is the homepage you will automatically arrive at upon…
Scoping an Assessment
Pre-Assessment » Scoping an Assessment
The scope of the Assessment is the information about your organization that will be used to narrow down the most precise assessment for your compliance and security needs. Fields marked with red asterisks are mandatory. After authenticating through the HITRUST…
Comparisons
Analytics » Dashboards » Assessments » Assessments » Comparisons
Compare your Assessments and create your own observations between maturity scores and on where your security stands per Domain, or Statement. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each of your…
Status
Analytics » Dashboards » Assessments » Assessments » Status
View your chosen Assessment by ‘Status’ to further clarify how fast your Assessment is moving in either the ‘Self-Assessment’, ‘Validated Assessment’ or ‘Targeted Assessment Process’. Assessments – View your…
Filters
Analytics » Dashboards » Filters
Use the Filters module to narrow down a search on specific Statements you may be looking for and the Assessments they may lie in. This includes filters such as Not Applicable, In Scope, Required for CSF Certification, Maturity Rating, and Gap Rating. Filters –…
Making a Reservation
Reservations » Making a Reservation
Reservations allow you to have more awareness into when your validated assessment will be reviewed by the HITRUST Quality Assurance team. You can set one up seamlessly within your assessment. From the MyCSF Homepage, click on the i1 or r2 validated assessment for…
Setting User Access
Pre-Assessment » Creating a New Assessment » Name & Security » Setting User Access
From the Name & Security page, you will be able to set the users associated with this Assessment under the People section. Place your users in the table as either No Access, Assessment Lead, Standard User, Customer Respondent, Read Only, or a Custom Role. You can…
Adding a Related Document
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » Adding a Related Document
If you wish to document evidence for an Assessment Statement, use the related documents functionality. You can either reference items previously uploaded or new items that are not yet in your Document repository. From the MyCSF Homepage, click the Assessment…
How to Unpublish (Disable) Assessment Inheritability
Inheritance » External Inheritance » Inheritance Providers » How to Unpublish (Disable) Assessment Inheritability
From the ‘Name & Security’ pre-assessment page, uncheck the box next to “Published” and click Confirm when prompted. *Note: The system will automatically unpublish an assessment on its date of expiration—for the r2 Certification: the 2-year…
CSF Compliance
Analytics » Dashboards » Assessments » Compliance » CSF Compliance
View your chosen Assessment by ‘CSF Compliance’ rate and compare them to those that are ‘Fully Compliant’, ‘Partially Compliant’, or ‘Not Compliant’ Statements. Compliance – Find all of your data sorted by control…
CAPs
Analytics » Dashboards » CAPs
The CAPs function is prepared by your Assessor Organization and the Assessor as applicable, and will also serve to describe a ‘Corrective Action Plan (CAP)’. These measurements describe the plan to correct deficiencies identified during the Assessment for…
Residual Risk
Analytics » Dashboards » Assessments » Residual Risk
The ‘Residual Risk’ you carry will be nested here and will carry statistics and charts that mark your vulnerability by ‘Residual Risk Score’, ‘CSF Compliance’ and ‘Residual Risk Rating’. ‘Residual Risk’…
Creating CAPs
Corrective Action Plans (CAPs) » Creating CAPs
There are two ways a CAP can be added to your Organization’s Repository: Either as a result of defining them within one of your Assessments or by adding them directly into the Repository. This topic will cover the latter. From your CAP Repository page (link), you…
Assessments
Analytics » Dashboards » Assessments
Here in the ‘Assessments’ tab, view statistics about each ‘Assessment Statement’ you have entered, and the relevant actions during ‘Completing an Assessment’ you may or may have not placed alongside it. Review your…
Default Scoring Profile
Pre-Assessment » Scoping an Assessment » Default Scoring Profile
This option allows you to pre-score the maturity values for the Assessment. This is a desirable function for your organizations who have established trends within their Assessment. The Default Scoring Profile values defined will be applied to all Not Started…
Attaching the QA Checklist
Documents » Attaching the QA Checklist
The HITRUST CSF Assessor Quality Checklist is a required Document that must be signed by the Engagement Executive and Assessor QA Resource for all Validated Assessments. 1. On the sidebar, click the ‘QA Checklist’ label to be rushed to the QA Checklist page.…
View the Risk Factors
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » View the Risk Factors
Review the Risk Factors that apply to an Assessment Statement. Remember you can change the scope of your assessment if the information does not look correct or if an environment change has occurred by going to **Administrative & Scoping in the Nav bar. From…
Attaching Partner Agreement
Documents » Attaching Partner Agreement
The ‘Partner Agreement’ is made by and between the ‘Participant’ and HITRUST Services Corporations. 1. On the sidebar, click the ‘Partner Agreement’ label to be rushed to the Partner Agreement page. 2. Click on the ‘See a Template’ link to download…
Analytics
Analytics
The ‘Analytics’ feature complements ‘MyCSF’ by delivering extensive and practical information about your Assessments in a multitude of venues ranging from viewing your Avg Maturity Scores per Assessment, Benchmarking scores with other…
Users
Analytics » Dashboards » Assessments » Assessments » Users
View all of the users that been ‘Assigned a Statement’ and take a look if a user has completed or has not started the Statements assigned to him/her. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each…
Attaching the Management Representation Letter
Documents » Attaching the Management Representation Letter
Every Assessment submitted to HITRUST must include a Management Representation Letter executed on your Organization’s Letterhead, signed by the appropriate level of management overseeing the Assessment, and dated the last day of testing. 1. On the sidebar, click the…
High Level
Analytics » Dashboards » Assessments » Residual Risk » High Level
This option allows us to view the ‘Table of Domains’ and the ‘Residual Risk Ratings’ that each carries for Statements ‘Completed in your Assessment’. Residual Risk – Investigate the areas of your Assessment that may or may…
Systems
Pre-Assessment » Scoping an Assessment » Systems
This is your catalog of systems that will be examined in your assessment. The ‘Selected Tab’ will show all of the systems that are to be assessed. The ‘Other Tab’ represents systems that have been applied to your organization previously but will not be…
Re-validating the Assessment
Interim Assessment (r2 only) » Recreating a Validated Assessment Object » Re-validating the Assessment
As you would in any Validated Assessment, you as the Assessor will need to validate all of the Assessment Questions completed by your Client. You will have to ensure the maturity scores entered are identical to their Original CSF Certification. From the Homepage,…
Managing Your CAP Repository’s Access
Corrective Action Plans (CAPs) » Managing Your CAP Repository’s Access
By Default, only Account Administrators are permitted to both view and edit an Organization’s CAP Repository as well as add/link CAPs to an Assessment. However, an Account Administrator can delegate these privileges to Standard Users within their entity in a few…
Facilities
Pre-Assessment » Scoping an Assessment » Facilities
This is your catalog of facilities that will be addressed in your assessment. The ‘Selected Tab’ will show all of the facilities that will be addressed. The ‘Other Tab’ represents systems that have been applied to your organization previously,…
Creating an Offline Assessment
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment
An Offline Assessment gives you the ability to complete an Assessment outside of MyCSF using a spreadsheet and seamlessly import it back into the application. If you have a MyCSF Subscription and wish to complete your Assessment offline, follow the instructions below…
Manually Generating an Interim Assessment
Interim Assessment (r2 only) » Manually Generating an Interim Assessment
If you are coming up on your 1-year Anniversary of your CSF Certification and have a MyCSF Subscription, please note that your Interim Assessment will auto-generate 90 days prior to the Anniversary of the Certification Date of your Original Assessment. If you wish to…
Compliance
Analytics » Dashboards » Assessments » Compliance
Under the ‘Controls’ category, find all of your domains maturity scores by ‘CSF Compliance’, ‘CSF Baseline’, and ‘CSF Results’. Controls – Find all of your data sorted by control level and sifted down to…
Assessments
Analytics » Dashboards » Assessments » Assessments
Check out each Assessment under your subscription with all of the data applicable to your Assessments under the categories ‘High Level’, ‘Responses’, ‘Results’, ‘Comparisons’, ‘Diary’, ‘Users’,…
Results
Analytics » Dashboards » Assessments » Assessments » Results
View your chosen Assessment by ‘Results’ along with ‘Response Status’, ‘Implementation Level’, and ‘Applicability’. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in…
High Level
Analytics » Dashboards » Assessments » Assessments » High Level
View your chosen Assessment at the highest ‘Avg Maturity Level’ available, accompanied by two interactive charts relating to your Assessment’s ‘Status Filters’ and ‘GAP Status’ for your Statements. Assessments – View your…
CSF Baseline
Analytics » Dashboards » Assessments » Compliance » CSF Baseline
View the ‘CSF Baseline’ function with all of your ‘Maturity Scores’ and each of your ‘PRISMA Values’ as well in the next column over. Compliance – Find all of your data sorted by control level and sifted down to individual…
CAP Management
Analytics » Dashboards » CAPs » CAP Management
View all of the statuses of each Statement that have been issued a ‘CAP Management’ and the maturity scoring from these Statements. CAPs – Find all of the deficiencies you have made in your Assessment and review the CAPs placed by your users within…
Overriding a Potential Quality Issue
Assessment Questionnaire » Potential Quality Issues » Overriding a Potential Quality Issue
The analysis MyCSF runs to check for Potential Quality Issues may sometimes lead to false positives. Because of this, these occurrences can be overridden and excused from remediation. However, if a Potential Quality Issue is overridden, a detailed rationale must be…
Administrating Organization Accounts
Administration » Organization Consolidation » Administrating Organization Accounts
A green “Admin” button has been added to the HITRUST application landing page (see Figure 1, top right corner). The administration function is only viewable to users with Administrator roles as determined by their Organization. Figure 1: Selecting the…
Menu
Analytics » Application Bar » Menu
Export tables in the form of PDF or Excel spreadsheets to transmit any data from your Dashboards for presentation or emailing your colleagues for Powerpoint or other presentations. Menu After authenticating through the MyCSF Portal, click on ‘Analytics’ in the…
Setting Assessor Access
Pre-Assessment » Creating a New Assessment » Name & Security » Setting Assessor Access
From the Name & Security page, here is where you will be able to see the assessor permissions associated with the assessment. You can also navigate to this page while filling out this assessment whenever you like by clicking on the Lock Icon. Assessor Permissions …
Viewing Your Organization’s CAP Repository
Corrective Action Plans (CAPs) » Viewing Your Organization’s CAP Repository
Given you have the appropriate privileges, your CAPs are always easily reachable from the Navigation Bar no matter where you are in the tool by pressing the “Corrective Action Plans” menu option. CAP Repository
Evaluating your Clients Assessment’s Statements
Assessment Questionnaire » Completing an Assessment » Creating and Importing Assessor Evaluation for an Offline Assessment » Evaluating your Clients Assessment’s Statements
Once you have downloaded the excel spreadsheet, you are now able to evaluate and validated your Assessment Statements offline. 1. From the spreadsheet, click on the ‘Assessment’ sheet to add your maturity evaluation and comments for each Assessment…
People Management
Administration » People Management
If you are an Account Administrator within your Organization, you have the ability to manage people’s access as well as modify their Assessment permissions. If you are wishing to elevate or decrease a user’s Administrative rights, click here for instructions. Or,…
Answering your Assessment’s Statements
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment » Answering your Assessment’s Statements
Once you have downloaded the excel spreadsheet, you are now able to answer your Assessment Statements offline. 1. From the spreadsheet, click on the ‘Assessment’ sheet to select if a Statement is or not applicable, maturity scores for each maturity level, and…
Rescheduling/Cancelling a Reservation
Reservations » Rescheduling/Cancelling a Reservation
Once a reservation is made on your assessment, you are entitled to modify or cancel it. Follow the steps below to accomplish this. From the MyCSF Homepage, click on the i1 or r2 Validated Assessment for which you’d like to make a reservation. On the left-hand…
Measure & Managed
Analytics » Reports » Internal Reports » Measure & Managed
Find each Domain name and the Statements for the Measured and Managed Scores that have been taken by management. Measure and Managed After authenticating through the ‘MyCSF Portal’, click on ‘Analytics’ in the top Menu bar. Once pressed, choose…
Adding a New Custom Role
Administration » Subscriber Management » Adding a New Custom Role
If you have a Corporate Level Subscription or above and you are wishing to add a new custom role to your MyCSF Account, please follow the steps below: From the Homepage, click the ‘Administration’ button at the top Menu bar or below your Subscription…
Assessment Report
Analytics » Reports » External Reports » Assessment Report
Contains the responses of the HITRUST CSF Assessment categorizes by the nineteen domains. This is separate from the purchasable Self-Assessment report. Assessment Report After authenticating through the ‘MyCSF Portal’, click on ‘Analytics’ in the…
Bookmarks
Analytics » Application Bar » Bookmarks
Stop at any area of the dashboards by bookmarking your spot to start back at the exact URL including any modifications you have been making while examining your data on the Dashboards whenever you sign in. Bookmark After authenticating through the MyCSF Portal,…
Missed My Submission Date
Reservations » Rescheduling/Cancelling a Reservation » Missed My Submission Date
If the submission date that is defined for your reservation passes without your assessment having been previously submitted, your reservation will be automatically cancelled. You may be issued a cancellation fee if the submission date fell after the “Last day to…
Scoring Extract Profile
Analytics » Reports » Internal Reports » Scoring Extract Profile
Find the Scoring patterns for all of your Statements and each of your maturity percentage by each domain color coded with green signifying passing, yellow requires CAPs, and red being failing. Scoring Extract Report After authenticating through the ‘MyCSF…
Linking Statements and Documents
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment » Linking Statements and Documents
If you have documents in your Document Repository and/or have added new documents in the excel spreadsheet, you have the ability to link them to your Assessment Statements. *Please note that Account Admins, Assessment Leads, and Assessors can do the below. 1. From…
Assessor Report
Analytics » Reports » External Reports » Assessor Report
Contains the responses and assessor comments of the HITRUST CSF Assessment categorized by the nineteen domains. Assessment with HITRUST CSF Implementation Report After authenticating through the ‘MyCSF Portal’, click on ‘Analytics’ in the top Menu…
HITRUST Portal
HITRUST Portal
This topic will instruct you on how to properly login to the HITRUST Portal, setup and manage Two Factor Authentication, change and/or reset a Password, and access the MyCSF and/or Assessment XCHANGE Application(s). HITRUST Portal Sub-Topics Logging in to the…
View the Assessment Statement Log
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » View the Assessment Statement Log
Keep track of the users who have answered an Assessment Statement by accessing the Assessment Statement Log. MyCSF archives who modified a statement and when they did it. From the Assessment Domain, click on the Assessment Statement you wish to view the…
Assessment with HITRUST CSF Implementation Report
Analytics » Reports » External Reports » Assessment with HITRUST CSF Implementation Report
Contains the responses of the HITRUST CSF Assessment categorized by the nineteen domains. This is separate from the purchasable Self-Assessment report. Assessment with HITRUST CSF Implementation Report After authenticating through the ‘MyCSF Portal’,…
Library
Library
Located at the top of the Menu bar, the Library can be viewed and/or exported as a template, based on the any of your downloaded versions. You can interact with the HITRUST CSF in a top to bottom structure starting from the Control Category, Control Objective, Control…
Benchmarking
Analytics » Dashboards » Metrics » Benchmarking » Benchmarking
Review each domains Avg Maturity Scores and find the averages between two or more Assessments and the industry Benchmark. Benchmarking – This option enables a user to search through data that has been collected for relevant Validated Assessments to allow our…
Statistics
Analytics » Dashboards » Metrics » Benchmarking » Statistics
Compare the top 10th or bottom 90th percentile of any one of your Assessments as well as the Avg Maturity Averages for each of your domains. Benchmarking – This option enables a user to search through data that has been collected for relevant Validated…
Creating and Importing Assessor Evaluation for an Offline Assessment
Assessment Questionnaire » Completing an Assessment » Creating and Importing Assessor Evaluation for an Offline Assessment
When a Validated Assessment has been submitted to an Assessor, you the Assessor has the ability to fill-out your evaluation outside of MyCSF using a spreadsheet and seamlessly import your evaluation back into the application. Follow the instructions below on Creating…
Managing Administrative Roles
Administration » People Management » Managing Administrative Roles
Follow the instructions below to manage a user’s Administrative Role. From the Homepage, click the ‘Administration’ button at the at the top Menu bar or below your Subscription Information. Click on the name you wish to update. From the People Management…
Modifying CAPs
Corrective Action Plans (CAPs) » Modifying CAPs
For CAPs that have already been created, MyCSF allows you to easily make changes to this CAP either to record progress or refine the information currently documented. From your CAP Repository page (link), you will see a table cataloging all of the CAPs belonging to…
Controlling Assessment Roles
Administration » People Management » Controlling Assessment Roles
Follow the instructions below to manage a user’s Assessment Privileges. From the Homepage, click the ‘Administration’ button at the at the top Menu bar or below your Subscription Information. Click on the name of the Assessment you wish to update. From the…
Sources
Analytics » Dashboards » Assessments » Assessments » Sources
View the Authoritative Sources to any one of your Assessments and browse through the page to find those that match any of your Statements. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each of your…
Benchmarking
Analytics » Dashboards » Metrics » Benchmarking
This option enables a user to search through data that has been collected for relevant Validated Assessments to allow our users to do a quick comparison check against their industry standards. Metrics – The ‘Metrics’ section compiles industry data…
Diary
Analytics » Dashboards » Assessments » Assessments » Diary
Review your ‘Diary Entries’ and what you and your Assessor have conversed about regarding any Statement that you can your Assessor have spoken about. This is a useful feature for record keeping all on your ‘Diary’ function. Assessments –…
High Level
Analytics » Dashboards » Assessments » Compliance » High Level
View your chosen Assessment at the highest ‘CSF Compliance per Domain’ available, partnered with ‘Maturity Rating per Domain’ for your Statements. Compliance – Find all of your data sorted by control level and sifted down to individual…