Search
Related topics are listed below.
Assessment Options
Pre-Assessment » Scoping an Assessment » Assessment Options
Answer the dropdowns provided to determine what kind of assessment will be generated by MyCSF. This includes Targeted, CSF Security, CSF Security & Privacy, CSF Comprehensive Security, and CSF Comprehensive Security & Privacy Assessments. The level of validation will…
Configuring Two Factor Authentication
HITRUST Portal » Configuring Two Factor Authentication
The HITRUST Portal supports the use of SMTP, SMS, Phone Call, and Time-Based Authenticator Apps to receive the One Time Passcodes (OTP) necessary to finish the log-in process. By default, all accounts are automatically provisioned with the SMTP option active. If you…
Real Time Gap List Report
Analytics » Reports » External Reports » Real Time Gap List Report
Contains a catalog of the Requirement Statements of the HITRUST CSF Assessment that were identified as being a GAP. Real Time Gap List Report After authenticating through the ‘MyCSF Portal’, click on ‘Analytics’ in the top Menu bar. Once pressed,…
Time-Based Two Factor Authentication Setup
HITRUST Portal » Configuring Two Factor Authentication » Time-Based Two Factor Authentication Setup
After successfully authenticating to the HITRUST Portal, you will be directed to the HITRUST Portal Landing page. Follow the steps below on how to properly configure time-based two factor authentication. From the HITRUST Portal, click the link “Setup how you want…
Completing your Internal Assessor Time Sheet
Internal Assessors » Completing your Internal Assessor Time Sheet
Like External Assessors, Internal Assessors are obligated to document both the individuals who performed Internal Assessor duties on the Assessment as well as the hours they each committed. On the sidebar, click the ‘Internal Assessor Time Sheet’ label to be…
Configuring a User as a HITRUST CSF practitioner
Internal Assessors » Configuring a User as a HITRUST CSF practitioner
A requirement of the Internal Assessor program is that all users performing Internal Assessor duties must be an active HITRUST CSF Certified Practitioner (CCSFP). In order to have a user validated as a CCSFP, the Account Administrator from your organization must…
Viewing the Library
Library » Viewing the Library
The HITRUST CSF is a comprehensive and prescriptive framework that can be scaled and tailored based on an organization’s type, size and complexity. This library will include the most interactive and up-to-date source for the HITRUST CSF.
Downloading the Report
Reports » bC Assessments » Downloading the Report
Once your bC Report is available for download, you will receive an automated notification from HITRUST like the one shown below: Follow the steps below to download your report: From the MyCSF Homepage, click on the Assessment name of the report you would like to…
View the Illustrative Procedures
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » View the Illustrative Procedures
r2 Assessment: Use the Illustrative Procedures to help clarify the necessary components to accurately score the statement. From the MyCSF Homepage, click the Assessment name you would like to view. From the Assessment Domain, click on the Assessment Statement of…
View the Authoritative Sources
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » View the Authoritative Sources
If you’re interested in the standards and regulations that comprise an Assessment Statement, use the Authoritative Sources link under the More Info dropdown. From the Assessment Domain, click on the Assessment Statement you wish to view the Authoritative…
View the Risk Factors
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » View the Risk Factors
Review the Risk Factors that apply to an Assessment Statement. Remember you can change the scope of your assessment if the information does not look correct or if an environment change has occurred by going to **Administrative & Scoping in the Nav bar. From…
11.1.1. Downloading the Report
Reports » r2 and i1 Assessments » 11.1.1. Downloading the Report
Once your HITRUST CSF Report is available for download, you will receive an automated notification from HITRUST, like the one below. Your report will be available in the draft state for 30 days to allow you ample time for review. Follow the steps below to download…
Re-validating the Assessment
Interim Assessment (r2 only) » Recreating a Validated Assessment Object » Re-validating the Assessment
As you would in any Validated Assessment, you as the Assessor will need to validate all of the Assessment Questions completed by your Client. You will have to ensure the maturity scores entered are identical to their Original CSF Certification. From the Homepage,…
Attaching the QA Checklist
Documents » Attaching the QA Checklist
The HITRUST CSF Assessor Quality Checklist is a required Document that must be signed by the Engagement Executive and Assessor QA Resource for all Validated Assessments. 1. On the sidebar, click the ‘QA Checklist’ label to be rushed to the QA Checklist page.…
View the Assessment Statement Log
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » View the Assessment Statement Log
Keep track of the users who have answered an Assessment Statement by accessing the Assessment Statement Log. MyCSF archives who modified a statement and when they did it. From the Assessment Domain, click on the Assessment Statement you wish to view the…
Attaching the Management Representation Letter
Documents » Attaching the Management Representation Letter
Every Assessment submitted to HITRUST must include a Management Representation Letter executed on your Organization’s Letterhead, signed by the appropriate level of management overseeing the Assessment, and dated the last day of testing. 1. On the sidebar, click the…
Logging in to the HITRUST Portal
HITRUST Portal » Logging in to the HITRUST Portal
Follow the steps below on how to login to the HITRUST Portal: Using an Internet Browser, go to the web address https://portal.mycsf.net. A page will load that requires you to enter your Email Address and Password. Once entered, click the ‘Login’…
Attaching the Organizational Overview and Scope
Documents » Attaching the Organizational Overview and Scope
Uploading the details on the ‘Scope of Your Assessment’ along with the information regarding your ‘Company Profile’ can be placed here. 1. On the sidebar, click the ‘Organizational Overview & Scope label to be rushed to the Organizational Overview & Scope…
Edit Existing User in the Portal
Administration » Organization Consolidation » User Management » Edit Existing User in the Portal
Follow the instructions below to edit an existing user in your Portal Account: From the User Management table, click the edit icon adjacent to the user’s name. From the modal, you will have the option to edit the user’s first name, last name, role, toggle…
Adding a New Person to the Portal
Administration » Organization Consolidation » User Management » Adding a New Person to the Portal
Follow the instructions below to add a new person to your Portal Account: From the Portal Administration page, click the ‘Add Person’ button on the User Management table. From the modal, enter the ‘First Name’, ‘Last Name’, and ‘Email’. Click the…
How To Request Inheritance Using the Offline Assessment Template
Inheritance » External Inheritance » Inheritance Requestors » How To Request Inheritance Using the Offline Assessment Template
To create inheritance requests using the offline assessment, first generate the offline assessment worksheet using the process outlined in the Creating an Offline Assessment section of the User Guide. Locate and click the “Inheritance” tab in the Offline…
How To Use the Kanban View To Track Inheritance Requests
Inheritance » External Inheritance » Inheritance Requestors » How To Use the Kanban View To Track Inheritance Requests
The Kanban reporting view can be used to confirm the submitted inheritance requests. Find the Kanban board by: 1. Clicking the Views option in MyCSF and selecting the Kanban View. 2. Then filter for the assessment object name. Hovering over the assessment tile…
Submitting External Assessor Reverted Controls Back to the External Assessor
Assessment Questionnaire » Submitting an Assessment » Submitting External Assessor Reverted Controls Back to the External Assessor
When an External Assessor reverts an Assessment Statement back to their client, the returned Assessment Statement will display a “Response Needed for External Assessor” status. To address these Assessment Statements, you as the client will need to do the…
First Login and Authentication
HITRUST Portal » Logging in to the HITRUST Portal » First Login and Authentication
If this is your first-time logging into the HITRUST Portal, follow the steps below to locate and change the temporary password associated with your MyCSF Account. Locate the email with the subject line: “HITRUST Login Registration – Account Lead Created” from…
Internal Assessors
Internal Assessors
Organizations, that are capable of demonstrating proficiency within their Internal Audit departments, are permitted to test their own Requirement Statements and enable their External Assessor to rely on the results. Click here to learn more. Sub-topics Applying to…
Making a Reservation
Reservations » Making a Reservation
Reservations allow you to have more awareness into when your validated assessment will be reviewed by the HITRUST Quality Assurance team. You can set one up seamlessly within your assessment. From the MyCSF Homepage, click on the i1 or r2 validated assessment for…
HITRUST Portal
HITRUST Portal
This topic will instruct you on how to properly login to the HITRUST Portal, setup and manage Two Factor Authentication, change and/or reset a Password, and access the MyCSF and/or Assessment XCHANGE Application(s). HITRUST Portal Sub-Topics Logging in to the…
Admin
Analytics » Dashboards » Admin
Under the ‘Admin’ tab, you can view each Assessment’s Administrative and Scoping inputs under this subscription. Click on each function at the top of the page to access one. Admin – This option allows you to review the Pre-Assessment information…
Cloning an Assessment
Pre-Assessment » Creating a New Assessment » Name & Security » Cloning an Assessment
Cloning an Assessment gives you the ability to transfer all maturity scores, comments, and documents from an existing Assessment into a newly created one. If you wish to complete a new Assessment with existing data from a previous Assessment, follow the instructions…
Assigning Internal Assessors to an Assessment
Internal Assessors » Assigning Internal Assessors to an Assessment
If an Internal Assessor Function has been chosen for an Assessment (Link to Enabling Internal Assessors On Your Assessment), the Subscriber People table will be augmented to include a new column that is reserved for Internal Assessors. Those that have been delegated…
Filters
Analytics » Dashboards » Filters
Use the Filters module to narrow down a search on specific Statements you may be looking for and the Assessments they may lie in. This includes filters such as Not Applicable, In Scope, Required for CSF Certification, Maturity Rating, and Gap Rating. Filters –…
HITRUST’s Criteria for Submission
Assessment Questionnaire » Submitting an Assessment » HITRUST’s Criteria for Submission
If you have completed all of the Assessments Statements in either your Self or Validated Assessment to HITRUST, please verify that the below is covered before submitting it. 1. Ensure that the following Required Documents have been uploaded with the correct dates as…
Administrative
Analytics » Dashboards » Admin » Administrative
View your Organization Information and Assessment Options inputs. This is the information you entered in your Assessment under the Administrative & Scoping section of ‘MyCSF’. Administrative Details After authenticating through the MyCSF Portal, click…
Assessor Timesheet
Documents » Assessor Timesheet
Required for all Validated Assessments, assessor organizations must record all individuals that assisted with the submission of the assessment. External Assessor Time Sheet 1. On the sidebar, click the ‘Time Sheet’ label to be rushed to the Time Sheet page.…
Rescheduling/Cancelling a Reservation
Reservations » Rescheduling/Cancelling a Reservation
Once a reservation is made on your assessment, you are entitled to modify or cancel it. Follow the steps below to accomplish this. From the MyCSF Homepage, click on the i1 or r2 Validated Assessment for which you’d like to make a reservation. On the left-hand…
Administration
Administration
The Administration page is where you manage your Account(s). If you are an Account Administrator for one or multiple accounts, this is where you can access each account. If you are an Account Administrator for one account, then you will be directed to your…
Answering an Assessment Statement
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement
There are many components to completing an assessment. This includes: Answering a Statement, Assigning a Respondent, Related Authoritative Sources, Risk Factors, History Assessment Log, Illustrative Procedures, Adding Documents, and CAP Management. r2 Assessment: …
Unlinking CAPs from a Statement
Assessment Questionnaire » Corrective Action Plans (CAPs) in Your Assessment » Unlinking CAPs from a Statement
CAPs that you no longer wish to have linked to a Statement can be removed from a Statement in a few clicks. On the Statement, press the “CAP” button to expand the CAP table. Select the CAP you want to have disassociated from the active Statement. Once…
Statistics
Analytics » Dashboards » Metrics » Benchmarking » Statistics
Compare the top 10th or bottom 90th percentile of any one of your Assessments as well as the Avg Maturity Averages for each of your domains. Benchmarking – This option enables a user to search through data that has been collected for relevant Validated…
Viewing an Assessment Domain
Assessment Questionnaire » Completing an Assessment » Viewing an Assessment Domain
To view the Assessment Statements you have generated in the Scope of your Assessment click on the Clipboard in the left Nav bar so you may be able to view your Assessment Questionnaire. Choose one of your nineteen domains to begin answering one of your Assessment…
Setting User Access
Pre-Assessment » Creating a New Assessment » Name & Security » Setting User Access
From the Name & Security page, you will be able to set the users associated with this Assessment under the People section. Place your users in the table as either No Access, Assessment Lead, Standard User, Customer Respondent, Read Only, or a Custom Role. You can…
Home
Analytics » Dashboards » Home
Here you will see your total ‘Assessments’, ‘Avg. Maturity Score per Domain’, as well as your ‘Gap Status’, and ‘Residual Risk Rating’ charts. Home – Here is the homepage you will automatically arrive at upon…
Setting Your Organization
Homepage » Setting Your Organization
Your Organization will hold all of the Assessments under this particular subscription. You can have a quick look at ‘Subscription Level’, ‘Number of Assessments Created’, and ‘Expiration Date’ for this Organization. On the MyCSF Homepage, click the…
Organization Consolidation
Administration » Organization Consolidation
User accounts are consolidated at the Organization level in the HITRUST application landing page. The consolidation helps eliminate redundant accounts at the application module level, and ensures all user accounts are associated with one Organization based on their…
Creating CAPs
Corrective Action Plans (CAPs) » Creating CAPs
There are two ways a CAP can be added to your Organization’s Repository: Either as a result of defining them within one of your Assessments or by adding them directly into the Repository. This topic will cover the latter. From your CAP Repository page (link), you…
Factors
Pre-Assessment » Scoping an Assessment » Factors
The inputs on the Factors tab are used to measure the risk inherent to your environment. The information provided within will be used to narrow down the list of assessment statements for your questionnaire. General Factors – These factors are used to…
Sources
Analytics » Dashboards » Assessments » Assessments » Sources
View the Authoritative Sources to any one of your Assessments and browse through the page to find those that match any of your Statements. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each of your…
Attaching Partner Agreement
Documents » Attaching Partner Agreement
The ‘Partner Agreement’ is made by and between the ‘Participant’ and HITRUST Services Corporations. 1. On the sidebar, click the ‘Partner Agreement’ label to be rushed to the Partner Agreement page. 2. Click on the ‘See a Template’ link to download…
Comparisons
Analytics » Dashboards » Assessments » Assessments » Comparisons
Compare your Assessments and create your own observations between maturity scores and on where your security stands per Domain, or Statement. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each of your…
CSF Implementation
Analytics » Dashboards » Assessments » Compliance & Procedures » CSF Implementation
Here you will find the ‘CSF Implementation’ process for each of your ‘Requirement Statements’. Policies & Procedures – Glimpse at the relationship between how your Assessor organization establishes criteria for each Statement being…
Scorecards
Analytics » Dashboards » Metrics » Scorecards
Determine how your Statement results comply with your average maturity scores to any of the sections of our more popular standardizing bodies. Review your outcomes and compare it to one of the ‘Authoritative Source Sections’ given to discover how secure the…
Related Documents
Analytics » Dashboards » Assessments » Documents & Other » Related Documents
View any of the ‘Related Documents’ under your subscription that has a document attatched to any of your ‘Statements’ . Requirements – Inspect each of the required materials in any assessment ranging from the ‘Controls’…
Scoping an Assessment
Pre-Assessment » Scoping an Assessment
The scope of the Assessment is the information about your organization that will be used to narrow down the most precise assessment for your compliance and security needs. Fields marked with red asterisks are mandatory. After authenticating through the HITRUST…
Uploading Evidence
Documents » Uploading Evidence
Upload a piece of evidence you believe will aid you in your assessment. The documents you provide will help support the ‘Assessor’ on why certain Maturity Value selections were made. From the MyCSF Homepage, click on the Assessment name you would like to…
Answering Requirement Statements
Internal Assessors » Answering Requirement Statements
By Default, all Requirement Statements will be inherently owned by Management. If you wish to provide the scoring as an Internal Assessor, you can either designate individual Requirement Statements or entire Assessment Domains as having be addressed by an Internal…
Documents & Other
Analytics » Dashboards » Assessments » Documents & Other
View all of the ‘Requirements’ that your chosen Assessment is mandated to undergo, including, relevant ‘Controls’ and ‘Authoritative Sources’ for it. Requirements – Inspect each of the required materials in any assessment…
Benchmarking
Analytics » Dashboards » Metrics » Benchmarking
This option enables a user to search through data that has been collected for relevant Validated Assessments to allow our users to do a quick comparison check against their industry standards. Metrics – The ‘Metrics’ section compiles industry data…
Compliance & Procedures
Analytics » Dashboards » Assessments » Compliance & Procedures
View all of your ‘Policies & Procedures’ for every ‘Related HITRUST Control’ in the CSF Library, that is used a s a guide for your Assessor. Policies & Procedures – Glimpse at the relationship between how your Assessor organization…
Library Retention
Pre-Assessment » Scoping an Assessment » Library Retention
The Library Retention feature provides visibility into specific changes associated with HITRUST CSF version updates, and allows users to apply those changes to assessment objects created under previous versions of the framework. To begin the update process, open an…
Metrics
Analytics » Dashboards » Metrics
The ‘Metrics’ section compiles industry data that is associated to your organization and reflects averages, standards, and patterns, to their security testing. Users can make quick comparisons on where their organization stands along with any discernment…
Assessments
Analytics » Dashboards » Assessments » Assessments
Check out each Assessment under your subscription with all of the data applicable to your Assessments under the categories ‘High Level’, ‘Responses’, ‘Results’, ‘Comparisons’, ‘Diary’, ‘Users’,…
MyCSF Compliance and Reporting Packs
Analytics » MyCSF Compliance and Reporting Packs
MyCSF Compliance and Reporting Pack for HIPAA Step 1: Create a readiness, validated, or targeted assessment using v9.5.0 or later which includes the HIPAA breach notification rule and/or HIPAA security rule. Step 2: Go to Analytics > Compliance Packs > Select…
Creating and Importing Assessor Evaluation for an Offline Assessment
Assessment Questionnaire » Completing an Assessment » Creating and Importing Assessor Evaluation for an Offline Assessment
When a Validated Assessment has been submitted to an Assessor, you the Assessor has the ability to fill-out your evaluation outside of MyCSF using a spreadsheet and seamlessly import your evaluation back into the application. Follow the instructions below on Creating…
Managing your Documents
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment » Managing your Documents
All of the documents that exist in your Assessments Document Repository will be listed in the excel spreadsheet. You will have the ability to manage existing documents as well as adding new documents (without an attachment) in your Repository. !Please note that when…
How To Apply Approved External Inheritance Requests
Inheritance » External Inheritance » Inheritance Requestors » How To Apply Approved External Inheritance Requests
1. From anywhere within the Assessment view, go to the ‘Inheritance’ request page by clicking on the ‘Inheritance’ link located on the left-hand side panel after the ‘Documents’ section. 2. From the ‘Inheritance’ request page, click on the…
Linking Statements and Documents
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment » Linking Statements and Documents
If you have documents in your Document Repository and/or have added new documents in the excel spreadsheet, you have the ability to link them to your Assessment Statements. *Please note that Account Admins, Assessment Leads, and Assessors can do the below. 1. From…
Systems
Pre-Assessment » Scoping an Assessment » Systems
This is your catalog of systems that will be examined in your assessment. The ‘Selected Tab’ will show all of the systems that are to be assessed. The ‘Other Tab’ represents systems that have been applied to your organization previously but will not be…
Performing an Interim Review Assessment
Interim Assessment (r2 only) » Performing an Interim Review Assessment
If you are coming up on your 1-year Anniversary of your CSF Certification, you will need to perform an Interim Assessment. The Interim Assessment is to ensure that the scope of your CSF Certification is still valid. From the Homepage, click on the Assessment with…
How To Submit External Inheritance Requests for Approval
Inheritance » External Inheritance » Inheritance Requestors » How To Submit External Inheritance Requests for Approval
1. From anywhere within the Assessment view, go to the ‘Inheritance’ request page by clicking on the ‘Inheritance’ link located on the left-hand side panel after the ‘Documents’ section. 2. From the ‘Inheritance’ request page, click on the…
CSF Library
Analytics » Dashboards » Library » CSF Library
The ‘CSF Library’ function will have facts related to the Control Categories and its respective subsections. Library – The Library module is the gateway to entering the ‘MyCSF Library’ to review the most current up to date version of…
Authoritative Sources
Analytics » Dashboards » Library » Authoritative Sources
Here in ‘Authoritative Sources’, find the entire listing of any governance and regulatory bodies that could be included in your Assessment and each of the sections per Source. Library – The Library module is the gateway to entering the…
Library
Analytics » Dashboards » Library
Use the ‘Library’ to find all information associated with it, including a complete overview of the ‘Authoritative Sources’, ‘Control Categories’, and ‘Assessment Domains’. Library – The Library module is the…
Facilities
Pre-Assessment » Scoping an Assessment » Facilities
This is your catalog of facilities that will be addressed in your assessment. The ‘Selected Tab’ will show all of the facilities that will be addressed. The ‘Other Tab’ represents systems that have been applied to your organization previously,…
How To View Internally-Inherited Assessment Scores
Inheritance » Internal Inheritance » How To View Internally-Inherited Assessment Scores
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal. 2. Within the Inheritance Modal, click on the ‘Scoring’ tab. The first line shows the internal assessment from which…
How To View Externally-Inherited Assessment Scores
Inheritance » External Inheritance » Inheritance Requestors » How To View Externally-Inherited Assessment Scores
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal. 2. Within the Inheritance Modal, click on the ‘Scoring’ tab. The first line shows the external assessment from which…
High Level
Analytics » Dashboards » Assessments » Residual Risk » High Level
This option allows us to view the ‘Table of Domains’ and the ‘Residual Risk Ratings’ that each carries for Statements ‘Completed in your Assessment’. Residual Risk – Investigate the areas of your Assessment that may or may…
Adding a User to an Assessment Domain
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » Adding a User to an Assessment Domain
Assigning a User to an Assessment Domain is a beneficial tool to better manage resources and aggregate a collection of responses. From the Assessment Questionnaire, click on the Assessment Domain you wish to assign. From the Assessment Domain, click on the…
All Potential Requirements
Analytics » Dashboards » Assessments » Documents & Other » All Potential Requirements
Find your ‘Potential Requirements’ to the current state of your Assessment including ‘Statements; and Authoritative Sources’**. Requirements – Inspect each of the required materials in any assessment ranging from the…
How To Create/Apply Internal Inheritance Requests
Inheritance » Internal Inheritance » How To Create/Apply Internal Inheritance Requests
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button (yellow underline) to open the Inheritance window. 2. From the ‘Requests’ tab within the Inheritance window, select ‘Internal’ from the…
Bookmarks
Analytics » Application Bar » Bookmarks
Stop at any area of the dashboards by bookmarking your spot to start back at the exact URL including any modifications you have been making while examining your data on the Dashboards whenever you sign in. Bookmark After authenticating through the MyCSF Portal,…
Approving a Draft Report
Reports » r2 and i1 Assessments » Approving a Draft Report
‘Draft Reports’ are automatically approved 30 days after posting. However, the reports can be manually approved prior to the 30 days, by selecting the ‘Approve HITRUST CSF Report’ button on the ‘CSF Reports’ section, HITRUST will then be notified to…
Manually Generating an Interim Assessment
Interim Assessment (r2 only) » Manually Generating an Interim Assessment
If you are coming up on your 1-year Anniversary of your CSF Certification and have a MyCSF Subscription, please note that your Interim Assessment will auto-generate 90 days prior to the Anniversary of the Certification Date of your Original Assessment. If you wish to…
CSF Results
Analytics » Dashboards » Assessments » Compliance » CSF Results
View the ‘Results’ on each of your ‘Control Categories’ down to the ‘Unique ID’ of the Assessment at hand. Compliance – Find all of your data sorted by control level and sifted down to individual Statements. CSF Results…
Residual Risk Rating
Analytics » Dashboards » Assessments » Residual Risk » Residual Risk Rating
Study each Statement in/out of your ‘Scope’ to find the risk you carry per Statement if it is ‘Applicable’. Residual Risk – Investigate the areas of your Assessment that may or may not require immediate attention in the ‘Scope of…
Creating an Offline Assessment
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment
An Offline Assessment gives you the ability to complete an Assessment outside of MyCSF using a spreadsheet and seamlessly import it back into the application. If you have a MyCSF Subscription and wish to complete your Assessment offline, follow the instructions below…
Downloading Evidence
Documents » Downloading Evidence
If you are looking to download evidence individually, follow the instructions below on Downloading Evidence. On the sidebar, click the ‘Documents’ icon to be redirected to the Assessment’s Document Repository. From the Document Repository, click the name of…
Name & Security
Pre-Assessment » Creating a New Assessment » Name & Security
The Name & Security page is where you will be able to see the administrative information pertaining to the Assessment. You can navigate to this page while filling out this assessment whenever you like. 1. After authenticating through the MyCSF Portal, click on your…
External Inheritance
Inheritance » External Inheritance
External Inheritance allows users to “inherit” assessment results that are shared by the same or different organizational entity. Access and use of external inheritance is subject to the following requirements and available functionality: The owner of the…
Selecting Your Assessment
Homepage » Selecting Your Assessment
After setting your Organization an Assessment table will appear with all of the Assessments within your account. Atop the ‘Assessments’ table, is a donut chart displaying a consolidation of the statuses of your Assessments. Click on portions of the donut chart to…
Assigning a User
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » Assigning a User
Assigning a user to an Assessment Statement is a beneficial tool to better manage resources and aggregate a collection of responses. From the Assessment Domain, click on the Assessment Statement you wish to assign. Press the ‘Actions’ button and…
Status
Analytics » Dashboards » Assessments » Assessments » Status
View your chosen Assessment by ‘Status’ to further clarify how fast your Assessment is moving in either the ‘Self-Assessment’, ‘Validated Assessment’ or ‘Targeted Assessment Process’. Assessments – View your…
Users
Analytics » Dashboards » Assessments » Assessments » Users
View all of the users that been ‘Assigned a Statement’ and take a look if a user has completed or has not started the Statements assigned to him/her. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each…
CAP Management
Analytics » Dashboards » CAPs » CAP Management
View all of the statuses of each Statement that have been issued a ‘CAP Management’ and the maturity scoring from these Statements. CAPs – Find all of the deficiencies you have made in your Assessment and review the CAPs placed by your users within…
Administrating Organization Accounts
Administration » Organization Consolidation » Administrating Organization Accounts
A green “Admin” button has been added to the HITRUST application landing page (see Figure 1, top right corner). The administration function is only viewable to users with Administrator roles as determined by their Organization. Figure 1: Selecting the…
CAPs
Analytics » Dashboards » CAPs
The CAPs function is prepared by your Assessor Organization and the Assessor as applicable, and will also serve to describe a ‘Corrective Action Plan (CAP)’. These measurements describe the plan to correct deficiencies identified during the Assessment for…
How To Create External Inheritance Requests by Requirement
Inheritance » External Inheritance » Inheritance Requestors » How To Create External Inheritance Requests by Requirement
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal window. 2. From the ‘Requests’ tab within the Inheritance Modal, select ‘External’ from the drop-down for the…
Results
Analytics » Dashboards » Assessments » Assessments » Results
View your chosen Assessment by ‘Results’ along with ‘Response Status’, ‘Implementation Level’, and ‘Applicability’. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in…
Benchmarking
Analytics » Dashboards » Metrics » Benchmarking » Benchmarking
Review each domains Avg Maturity Scores and find the averages between two or more Assessments and the industry Benchmark. Benchmarking – This option enables a user to search through data that has been collected for relevant Validated Assessments to allow our…
Creating a New Assessment
Pre-Assessment » Creating a New Assessment
If you are an Account Administrator, you’ll be able to simply add a new Assessment directly through the homepage of MyCSF. From the MyCSF Homepage, click the ‘+ Create Assessment’ button on the ‘Assessments’ table found under the Organization panel. You…
Submit a Domain to an Assessor
Assessment Questionnaire » Submitting an Assessment » Submit a Domain to an Assessor
When you are ready to submit your domain to your assessor for validation, press the link located in the green banner above the Assessment Statements for the Domain that you’ve finished. This link will not become available until all of the Assessment Statements have…