Search
Related topics are listed below.
Name & Security
Pre-Assessment » Creating a New Assessment » Name & Security
The Name & Security page is where you will be able to see the administrative information pertaining to the Assessment. You can navigate to this page while filling out this assessment whenever you like. 1. After authenticating through the MyCSF Portal, click on your…
Assessment Name
Pre-Assessment » Creating a New Assessment » Name & Security » Assessment Name
On the Name & Security page, there is a text input reserved for the name of the Assessment. The name will help you identify it easily from any other assessment you may have. For example: “2019 ABC Company Validated Assessment”, “2019 ABC Company…
First Login and Authentication
HITRUST Portal » Logging in to the HITRUST Portal » First Login and Authentication
If this is your first-time logging into the HITRUST Portal, follow the steps below to locate and change the temporary password associated with your MyCSF Account. Locate the email with the subject line: “HITRUST Login Registration – Account Lead Created” from…
Viewing Notifications and Tasks
Homepage » Viewing Notifications and Tasks
Tasks can be assigned to anyone with access to MyCSF. Provision tasks to anyone that you may feel will be an asset to completing your Assessment. From the MyCSF Homepage, there is a ‘Your Notifications’ component positioned on the right-hand side of the view.…
Linking Statements and Documents
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment » Linking Statements and Documents
If you have documents in your Document Repository and/or have added new documents in the excel spreadsheet, you have the ability to link them to your Assessment Statements. *Please note that Account Admins, Assessment Leads, and Assessors can do the below. 1. From…
r2 and i1 Assessments
Reports » r2 and i1 Assessments
Report creation and distribution for i1 and r2 assessments follow the same workflow in MyCSF: Downloading the Report Request a Revision for an Issued Report Approving a Draft Report
Contacts and Documents Report
Analytics » Reports » Internal Reports » Contacts and Documents Report
Administrative Details and Factors Report
Analytics » Reports » External Reports » Administrative Details and Factors Report
Contains information input into the “Administrative Details and Factors” of the HITRUST CSF Assessment. Administrative Details and Factors Report After authenticating through the ‘MyCSF Portal’, click on ‘Analytics’ in the top Menu…
MyCSF Compliance and Reporting Packs
Analytics » MyCSF Compliance and Reporting Packs
MyCSF Compliance and Reporting Pack for HIPAA Step 1: Create a readiness, validated, or targeted assessment using v9.5.0 or later which includes the HIPAA breach notification rule and/or HIPAA security rule. Step 2: Go to Analytics > Compliance Packs > Select…
Attaching the Organizational Overview and Scope
Documents » Attaching the Organizational Overview and Scope
Uploading the details on the ‘Scope of Your Assessment’ along with the information regarding your ‘Company Profile’ can be placed here. 1. On the sidebar, click the ‘Organizational Overview & Scope label to be rushed to the Organizational Overview & Scope…
Creating and Importing Assessor Evaluation for an Offline Assessment
Assessment Questionnaire » Completing an Assessment » Creating and Importing Assessor Evaluation for an Offline Assessment
When a Validated Assessment has been submitted to an Assessor, you the Assessor has the ability to fill-out your evaluation outside of MyCSF using a spreadsheet and seamlessly import your evaluation back into the application. Follow the instructions below on Creating…
Scoping an Assessment
Pre-Assessment » Scoping an Assessment
The scope of the Assessment is the information about your organization that will be used to narrow down the most precise assessment for your compliance and security needs. Fields marked with red asterisks are mandatory. After authenticating through the HITRUST…
Deleting an Assessment
Pre-Assessment » Creating a New Assessment » Name & Security » Deleting an Assessment
Deleting an Assessment will be permanently removed from MyCSF. Only Account Admins and Assessment Leads have the privilege to delete an Assessment. The status of the Assessment must be ‘Not Started’ or ‘Answering Assessment’, as well as not submitted to the…
Organization Information
Pre-Assessment » Scoping an Assessment » Organization Information
The fields in this page range from Contact Information, Organizational Profile, and the Corporate Environment text boxes. Press ‘Save & Continue’ when you are finished. Contact Information – Fill in the text boxes with mandatory fields: Contact Name, Title,…
Enabling Internal Assessors On Your Assessment
Internal Assessors » Enabling Internal Assessors On Your Assessment
After your Internal Assessor application has been approved, the Name and Security page on your Organization’s Assessment will be altered to include a checkbox allowing you to mark your Assessment as having been tested by Internal Assessors. When selected, you will be…
Assessment Options
Pre-Assessment » Scoping an Assessment » Assessment Options
Answer the dropdowns provided to determine what kind of assessment will be generated by MyCSF. This includes Targeted, CSF Security, CSF Security & Privacy, CSF Comprehensive Security, and CSF Comprehensive Security & Privacy Assessments. The level of validation will…
Creating a New Assessment
Pre-Assessment » Creating a New Assessment
If you are an Account Administrator, you’ll be able to simply add a new Assessment directly through the homepage of MyCSF. From the MyCSF Homepage, click the ‘+ Create Assessment’ button on the ‘Assessments’ table found under the Organization panel. You…
Manually Generating an Interim Assessment
Interim Assessment (r2 only) » Manually Generating an Interim Assessment
If you are coming up on your 1-year Anniversary of your CSF Certification and have a MyCSF Subscription, please note that your Interim Assessment will auto-generate 90 days prior to the Anniversary of the Certification Date of your Original Assessment. If you wish to…
Creating an Offline Assessment
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment
An Offline Assessment gives you the ability to complete an Assessment outside of MyCSF using a spreadsheet and seamlessly import it back into the application. If you have a MyCSF Subscription and wish to complete your Assessment offline, follow the instructions below…
CSF Version
Pre-Assessment » Creating a New Assessment » Name & Security » CSF Version
On the Name & Security page, you will be permitted to choose an active CSF Version that you may use for your Assessment. CSF Version
Selecting an Assessor
Pre-Assessment » Creating a New Assessment » Name & Security » Selecting an Assessor
On the Name & Security page, you will be permitted to choose an active Assessor Firm that will be Validating this Assessment. Selecting Assessor Form
Setting Assessor Access
Pre-Assessment » Creating a New Assessment » Name & Security » Setting Assessor Access
From the Name & Security page, here is where you will be able to see the assessor permissions associated with the assessment. You can also navigate to this page while filling out this assessment whenever you like by clicking on the Lock Icon. Assessor Permissions …
Recreating a Validated Assessment Object
Interim Assessment (r2 only) » Recreating a Validated Assessment Object
Once an Interim Assessment has been provisioned, please note that you will have to answer all the Pre-Assessment and Assessment Questionnaire identical to your CSF Certification. *If you still have access to the Original Certified Assessment Object, you do not need to…
Comparisons
Analytics » Dashboards » Assessments » Assessments » Comparisons
Compare your Assessments and create your own observations between maturity scores and on where your security stands per Domain, or Statement. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each of your…
How to Unpublish (Disable) Assessment Inheritability
Inheritance » External Inheritance » Inheritance Providers » How to Unpublish (Disable) Assessment Inheritability
From the ‘Name & Security’ pre-assessment page, uncheck the box next to “Published” and click Confirm when prompted. *Note: The system will automatically unpublish an assessment on its date of expiration—for the r2 Certification: the 2-year…
Cloning an Assessment
Pre-Assessment » Creating a New Assessment » Name & Security » Cloning an Assessment
Cloning an Assessment gives you the ability to transfer all maturity scores, comments, and documents from an existing Assessment into a newly created one. If you wish to complete a new Assessment with existing data from a previous Assessment, follow the instructions…
Setting User Access
Pre-Assessment » Creating a New Assessment » Name & Security » Setting User Access
From the Name & Security page, you will be able to set the users associated with this Assessment under the People section. Place your users in the table as either No Access, Assessment Lead, Standard User, Customer Respondent, Read Only, or a Custom Role. You can…
Phone-Based Two-Factor Authentication Setup
HITRUST Portal » Configuring Two Factor Authentication » Phone-Based Two-Factor Authentication Setup
After successfully authenticating to the HITRUST Portal, you will be directed to the HITRUST Portal Landing page. Follow the steps below on how to properly configure SMS and Voice two factor authentication. From the HITRUST Portal, click the link “Setup how you…
Time-Based Two Factor Authentication Setup
HITRUST Portal » Configuring Two Factor Authentication » Time-Based Two Factor Authentication Setup
After successfully authenticating to the HITRUST Portal, you will be directed to the HITRUST Portal Landing page. Follow the steps below on how to properly configure time-based two factor authentication. From the HITRUST Portal, click the link “Setup how you want…
Configuring Two Factor Authentication
HITRUST Portal » Configuring Two Factor Authentication
The HITRUST Portal supports the use of SMTP, SMS, Phone Call, and Time-Based Authenticator Apps to receive the One Time Passcodes (OTP) necessary to finish the log-in process. By default, all accounts are automatically provisioned with the SMTP option active. If you…
How to Publish (Enable) Assessment Inheritability
Inheritance » External Inheritance » Inheritance Providers » How to Publish (Enable) Assessment Inheritability
From the ‘Name & Security’ pre-assessment page, check the box next to “Published” and click Confirm when prompted to agree to the Inheritance User Terms and Conditions. A published assessment will show a banner icon with a hover-over tooltip next the…
Metrics
Analytics » Dashboards » Metrics
The ‘Metrics’ section compiles industry data that is associated to your organization and reflects averages, standards, and patterns, to their security testing. Users can make quick comparisons on where their organization stands along with any discernment…
Subscriber Management
Administration » Subscriber Management
Depending on the Subscription Level access you have to MyCSF, the Subscriber Management page, is where you can manage and access your account’s ‘People’, ‘API Users’, ‘Custom Security Roles’, ‘Assessments’, ‘Links to HAX’, and ‘IP…
Scorecards
Analytics » Dashboards » Metrics » Scorecards
Determine how your Statement results comply with your average maturity scores to any of the sections of our more popular standardizing bodies. Review your outcomes and compare it to one of the ‘Authoritative Source Sections’ given to discover how secure the…
Benchmarking
Analytics » Dashboards » Metrics » Benchmarking
This option enables a user to search through data that has been collected for relevant Validated Assessments to allow our users to do a quick comparison check against their industry standards. Metrics – The ‘Metrics’ section compiles industry data…
Library Retention
Pre-Assessment » Scoping an Assessment » Library Retention
The Library Retention feature provides visibility into specific changes associated with HITRUST CSF version updates, and allows users to apply those changes to assessment objects created under previous versions of the framework. To begin the update process, open an…
Uploading Evidence
Documents » Uploading Evidence
Upload a piece of evidence you believe will aid you in your assessment. The documents you provide will help support the ‘Assessor’ on why certain Maturity Value selections were made. From the MyCSF Homepage, click on the Assessment name you would like to…
Edit Existing User in the Portal
Administration » Organization Consolidation » User Management » Edit Existing User in the Portal
Follow the instructions below to edit an existing user in your Portal Account: From the User Management table, click the edit icon adjacent to the user’s name. From the modal, you will have the option to edit the user’s first name, last name, role, toggle…
Systems
Pre-Assessment » Scoping an Assessment » Systems
This is your catalog of systems that will be examined in your assessment. The ‘Selected Tab’ will show all of the systems that are to be assessed. The ‘Other Tab’ represents systems that have been applied to your organization previously but will not be…
Facilities
Pre-Assessment » Scoping an Assessment » Facilities
This is your catalog of facilities that will be addressed in your assessment. The ‘Selected Tab’ will show all of the facilities that will be addressed. The ‘Other Tab’ represents systems that have been applied to your organization previously,…
Adding a New Person to the Portal
Administration » Organization Consolidation » User Management » Adding a New Person to the Portal
Follow the instructions below to add a new person to your Portal Account: From the Portal Administration page, click the ‘Add Person’ button on the User Management table. From the modal, enter the ‘First Name’, ‘Last Name’, and ‘Email’. Click the…
Filters
Analytics » Dashboards » Filters
Use the Filters module to narrow down a search on specific Statements you may be looking for and the Assessments they may lie in. This includes filters such as Not Applicable, In Scope, Required for CSF Certification, Maturity Rating, and Gap Rating. Filters –…
Measure & Managed
Analytics » Reports » Internal Reports » Measure & Managed
Find each Domain name and the Statements for the Measured and Managed Scores that have been taken by management. Measure and Managed After authenticating through the ‘MyCSF Portal’, click on ‘Analytics’ in the top Menu bar. Once pressed, choose…
How To Create/Apply Internal Inheritance Requests
Inheritance » Internal Inheritance » How To Create/Apply Internal Inheritance Requests
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button (yellow underline) to open the Inheritance window. 2. From the ‘Requests’ tab within the Inheritance window, select ‘Internal’ from the…
Assessor Timesheet
Documents » Assessor Timesheet
Required for all Validated Assessments, assessor organizations must record all individuals that assisted with the submission of the assessment. External Assessor Time Sheet 1. On the sidebar, click the ‘Time Sheet’ label to be rushed to the Time Sheet page.…
Admin
Analytics » Dashboards » Admin
Under the ‘Admin’ tab, you can view each Assessment’s Administrative and Scoping inputs under this subscription. Click on each function at the top of the page to access one. Admin – This option allows you to review the Pre-Assessment information…
Adding a New Person
Administration » Subscriber Management » Adding a New Person
If you are wishing to add a new person to your MyCSF Account, please follow the steps below: From the Homepage, click the ‘Administration’ button at the top Menu bar or below your Subscription Information. From the Subscriber Management page, click the ‘+ Add…
Downloading Evidence
Documents » Downloading Evidence
If you are looking to download evidence individually, follow the instructions below on Downloading Evidence. On the sidebar, click the ‘Documents’ icon to be redirected to the Assessment’s Document Repository. From the Document Repository, click the name of…
View the Illustrative Procedures
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » View the Illustrative Procedures
r2 Assessment: Use the Illustrative Procedures to help clarify the necessary components to accurately score the statement. From the MyCSF Homepage, click the Assessment name you would like to view. From the Assessment Domain, click on the Assessment Statement of…
Viewing an Assessment
Pre-Assessment » Creating a New Assessment » Viewing an Assessment
From the Hompage of MyCSF, you can view any Assessment that has been generated. To view an Assessment, please follow the steps below to access and view an Assessment within your MyCSF Account. From the Homepage, there is an ‘Assessments’ table that includes…
Selecting Your Assessment
Homepage » Selecting Your Assessment
After setting your Organization an Assessment table will appear with all of the Assessments within your account. Atop the ‘Assessments’ table, is a donut chart displaying a consolidation of the statuses of your Assessments. Click on portions of the donut chart to…
Managing your Documents
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment » Managing your Documents
All of the documents that exist in your Assessments Document Repository will be listed in the excel spreadsheet. You will have the ability to manage existing documents as well as adding new documents (without an attachment) in your Repository. !Please note that when…
Reports
Reports
Reports issued against the HITRUST CSF are uploaded and shared within MyCSF. Follow the steps outlined in these topics for help downloading, approving, and requesting changes for a Report. From the MyCSF Homepage, click on the Assessment name of the report you…
Creating a Custom Assessment Library
Homepage » Creating a Custom Assessment Library
Account Administrators are able to create and manage a Custom Assessment using the HITRUST CSF and its Authoritative Sources using HITRUST provided questions. Please follow the steps below on how to create a customized Assessment Library. From the MyCSF Homepage,…
How To Use the Kanban View To Track Inheritance Requests
Inheritance » External Inheritance » Inheritance Requestors » How To Use the Kanban View To Track Inheritance Requests
The Kanban reporting view can be used to confirm the submitted inheritance requests. Find the Kanban board by: 1. Clicking the Views option in MyCSF and selecting the Kanban View. 2. Then filter for the assessment object name. Hovering over the assessment tile…
Adding a New Custom Role
Administration » Subscriber Management » Adding a New Custom Role
If you have a Corporate Level Subscription or above and you are wishing to add a new custom role to your MyCSF Account, please follow the steps below: From the Homepage, click the ‘Administration’ button at the top Menu bar or below your Subscription…
Configuring a User as a HITRUST CSF practitioner
Internal Assessors » Configuring a User as a HITRUST CSF practitioner
A requirement of the Internal Assessor program is that all users performing Internal Assessor duties must be an active HITRUST CSF Certified Practitioner (CCSFP). In order to have a user validated as a CCSFP, the Account Administrator from your organization must…
Managing Your CAP Repository’s Access
Corrective Action Plans (CAPs) » Managing Your CAP Repository’s Access
By Default, only Account Administrators are permitted to both view and edit an Organization’s CAP Repository as well as add/link CAPs to an Assessment. However, an Account Administrator can delegate these privileges to Standard Users within their entity in a few…
Assessments
Analytics » Dashboards » Assessments » Assessments
Check out each Assessment under your subscription with all of the data applicable to your Assessments under the categories ‘High Level’, ‘Responses’, ‘Results’, ‘Comparisons’, ‘Diary’, ‘Users’,…
Setting IP Restrictions
Administration » Subscriber Management » Setting IP Restrictions
The IP Whitelist can be used to allow an Organization to specify a permitted range of IP Addresses that can be used to access your Organization’s information. To enable IP restrictions, follow the steps below: From the Homepage, click the ‘Administration’…
Performing an Interim Review Assessment
Interim Assessment (r2 only) » Performing an Interim Review Assessment
If you are coming up on your 1-year Anniversary of your CSF Certification, you will need to perform an Interim Assessment. The Interim Assessment is to ensure that the scope of your CSF Certification is still valid. From the Homepage, click on the Assessment with…
How To Create External Inheritance Requests by Requirement
Inheritance » External Inheritance » Inheritance Requestors » How To Create External Inheritance Requests by Requirement
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal window. 2. From the ‘Requests’ tab within the Inheritance Modal, select ‘External’ from the drop-down for the…
Downloading the Report
Reports » bC Assessments » Downloading the Report
Once your bC Report is available for download, you will receive an automated notification from HITRUST like the one shown below: Follow the steps below to download your report: From the MyCSF Homepage, click on the Assessment name of the report you would like to…
Adding a Related Document
Assessment Questionnaire » Completing an Assessment » Answering an Assessment Statement » Adding a Related Document
If you wish to document evidence for an Assessment Statement, use the related documents functionality. You can either reference items previously uploaded or new items that are not yet in your Document repository. From the MyCSF Homepage, click the Assessment…
Approving a Draft Report
Reports » r2 and i1 Assessments » Approving a Draft Report
‘Draft Reports’ are automatically approved 30 days after posting. However, the reports can be manually approved prior to the 30 days, by selecting the ‘Approve HITRUST CSF Report’ button on the ‘CSF Reports’ section, HITRUST will then be notified to…
11.1.1. Downloading the Report
Reports » r2 and i1 Assessments » 11.1.1. Downloading the Report
Once your HITRUST CSF Report is available for download, you will receive an automated notification from HITRUST, like the one below. Your report will be available in the draft state for 30 days to allow you ample time for review. Follow the steps below to download…
Managing Administrative Roles
Administration » People Management » Managing Administrative Roles
Follow the instructions below to manage a user’s Administrative Role. From the Homepage, click the ‘Administration’ button at the at the top Menu bar or below your Subscription Information. Click on the name you wish to update. From the People Management…
Controlling Assessment Roles
Administration » People Management » Controlling Assessment Roles
Follow the instructions below to manage a user’s Assessment Privileges. From the Homepage, click the ‘Administration’ button at the at the top Menu bar or below your Subscription Information. Click on the name of the Assessment you wish to update. From the…
External Inheritance
Inheritance » External Inheritance
External Inheritance allows users to “inherit” assessment results that are shared by the same or different organizational entity. Access and use of external inheritance is subject to the following requirements and available functionality: The owner of the…
Internal Inheritance
Inheritance » Internal Inheritance
Internal Inheritance allows users to “inherit” assessment results that are shared by the same internal organizational entity. Access and use of internal inheritance is subject to the following requirements and available functionality: The owner(s) of both the…
Viewing the Library
Library » Viewing the Library
The HITRUST CSF is a comprehensive and prescriptive framework that can be scaled and tailored based on an organization’s type, size and complexity. This library will include the most interactive and up-to-date source for the HITRUST CSF.
Residual Risk
Analytics » Dashboards » Assessments » Residual Risk
The ‘Residual Risk’ you carry will be nested here and will carry statistics and charts that mark your vulnerability by ‘Residual Risk Score’, ‘CSF Compliance’ and ‘Residual Risk Rating’. ‘Residual Risk’…
Inheritance
Inheritance
Inheritance is a feature within MyCSF that allows maturity level scores associated with specific requirements to be transferred, or “inherited”, from previously scored assessment objects. Maturity scores that originated from an “inheritable” assessment…
Organization Consolidation
Administration » Organization Consolidation
User accounts are consolidated at the Organization level in the HITRUST application landing page. The consolidation helps eliminate redundant accounts at the application module level, and ensures all user accounts are associated with one Organization based on their…
Attaching Partner Agreement
Documents » Attaching Partner Agreement
The ‘Partner Agreement’ is made by and between the ‘Participant’ and HITRUST Services Corporations. 1. On the sidebar, click the ‘Partner Agreement’ label to be rushed to the Partner Agreement page. 2. Click on the ‘See a Template’ link to download…
Attaching the Management Representation Letter
Documents » Attaching the Management Representation Letter
Every Assessment submitted to HITRUST must include a Management Representation Letter executed on your Organization’s Letterhead, signed by the appropriate level of management overseeing the Assessment, and dated the last day of testing. 1. On the sidebar, click the…
CAPs
Analytics » Dashboards » CAPs
The CAPs function is prepared by your Assessor Organization and the Assessor as applicable, and will also serve to describe a ‘Corrective Action Plan (CAP)’. These measurements describe the plan to correct deficiencies identified during the Assessment for…
HITRUST Portal
HITRUST Portal
This topic will instruct you on how to properly login to the HITRUST Portal, setup and manage Two Factor Authentication, change and/or reset a Password, and access the MyCSF and/or Assessment XCHANGE Application(s). HITRUST Portal Sub-Topics Logging in to the…
Submit a Domain to an Assessor
Assessment Questionnaire » Submitting an Assessment » Submit a Domain to an Assessor
When you are ready to submit your domain to your assessor for validation, press the link located in the green banner above the Assessment Statements for the Domain that you’ve finished. This link will not become available until all of the Assessment Statements have…
Home
Analytics » Dashboards » Home
Here you will see your total ‘Assessments’, ‘Avg. Maturity Score per Domain’, as well as your ‘Gap Status’, and ‘Residual Risk Rating’ charts. Home – Here is the homepage you will automatically arrive at upon…
Library
Library
Located at the top of the Menu bar, the Library can be viewed and/or exported as a template, based on the any of your downloaded versions. You can interact with the HITRUST CSF in a top to bottom structure starting from the Control Category, Control Objective, Control…
Analytics
Analytics
The ‘Analytics’ feature complements ‘MyCSF’ by delivering extensive and practical information about your Assessments in a multitude of venues ranging from viewing your Avg Maturity Scores per Assessment, Benchmarking scores with other…
Benchmarking
Analytics » Dashboards » Metrics » Benchmarking » Benchmarking
Review each domains Avg Maturity Scores and find the averages between two or more Assessments and the industry Benchmark. Benchmarking – This option enables a user to search through data that has been collected for relevant Validated Assessments to allow our…
Assessments
Analytics » Dashboards » Assessments
Here in the ‘Assessments’ tab, view statistics about each ‘Assessment Statement’ you have entered, and the relevant actions during ‘Completing an Assessment’ you may or may have not placed alongside it. Review your…
Diary
Analytics » Dashboards » Assessments » Assessments » Diary
Review your ‘Diary Entries’ and what you and your Assessor have conversed about regarding any Statement that you can your Assessor have spoken about. This is a useful feature for record keeping all on your ‘Diary’ function. Assessments –…
CAP Status
Analytics » Dashboards » CAPs » CAP Status
Here you will find the whereabouts on where your CAPs stand as well as insightful charts that label your ‘GAP Identified’ and ‘CSF Compliant’ status. CAPs – Find all of the deficiencies you have made in your Assessment and review the…
CAP Management
Analytics » Dashboards » CAPs » CAP Management
View all of the statuses of each Statement that have been issued a ‘CAP Management’ and the maturity scoring from these Statements. CAPs – Find all of the deficiencies you have made in your Assessment and review the CAPs placed by your users within…
Reset
Analytics » Dashboards » Reset
Click on this button to refresh the page and restore any settings you have made in the filters and any modifications you have made in the Dashboards feature. Reset – This function allows you to reset all of the filters you have applied and any changes you have…
How To View Internally-Inherited Assessment Scores
Inheritance » Internal Inheritance » How To View Internally-Inherited Assessment Scores
1. From the Assessment Domain, expand the requirement statement view and click on the ‘Inheritance’ button to open the Inheritance Modal. 2. Within the Inheritance Modal, click on the ‘Scoring’ tab. The first line shows the internal assessment from which…
Attaching the QA Checklist
Documents » Attaching the QA Checklist
The HITRUST CSF Assessor Quality Checklist is a required Document that must be signed by the Engagement Executive and Assessor QA Resource for all Validated Assessments. 1. On the sidebar, click the ‘QA Checklist’ label to be rushed to the QA Checklist page.…
Evaluating your Clients Assessment’s Statements
Assessment Questionnaire » Completing an Assessment » Creating and Importing Assessor Evaluation for an Offline Assessment » Evaluating your Clients Assessment’s Statements
Once you have downloaded the excel spreadsheet, you are now able to evaluate and validated your Assessment Statements offline. 1. From the spreadsheet, click on the ‘Assessment’ sheet to add your maturity evaluation and comments for each Assessment…
Compliance
Analytics » Dashboards » Assessments » Compliance
Under the ‘Controls’ category, find all of your domains maturity scores by ‘CSF Compliance’, ‘CSF Baseline’, and ‘CSF Results’. Controls – Find all of your data sorted by control level and sifted down to…
MyCSF Application
MyCSF Application
MyCSF is a full-featured Assessment Application that streamlines the compliance and risk management process. Simplistic in design, the tool efficiently helps manage all of your HITRUST CSF Assessments and Implementations. Homepage of MyCSF
Answering your Assessment’s Statements
Assessment Questionnaire » Completing an Assessment » Creating an Offline Assessment » Answering your Assessment’s Statements
Once you have downloaded the excel spreadsheet, you are now able to answer your Assessment Statements offline. 1. From the spreadsheet, click on the ‘Assessment’ sheet to select if a Statement is or not applicable, maturity scores for each maturity level, and…
Users
Analytics » Dashboards » Assessments » Assessments » Users
View all of the users that been ‘Assigned a Statement’ and take a look if a user has completed or has not started the Statements assigned to him/her. Assessments – View your Assessment Result in detail and view the maturity scores by Statements in each…
Attaching Test Plans
Documents » Attaching Test Plans
Mandatory after April 1, 2019 for all Validated Assessments, thorough Test Plans must be submitted to meet the HITRUST Requirements covering the testing of all required controls. Test plans should document with signatures, the Engagement Executive, QA Resource, and…
High Level
Analytics » Dashboards » Assessments » Assessments » High Level
View your chosen Assessment at the highest ‘Avg Maturity Level’ available, accompanied by two interactive charts relating to your Assessment’s ‘Status Filters’ and ‘GAP Status’ for your Statements. Assessments – View your…
High Level
Analytics » Dashboards » Assessments » Compliance » High Level
View your chosen Assessment at the highest ‘CSF Compliance per Domain’ available, partnered with ‘Maturity Rating per Domain’ for your Statements. Compliance – Find all of your data sorted by control level and sifted down to individual…
CSF Compliance
Analytics » Dashboards » Assessments » Compliance » CSF Compliance
View your chosen Assessment by ‘CSF Compliance’ rate and compare them to those that are ‘Fully Compliant’, ‘Partially Compliant’, or ‘Not Compliant’ Statements. Compliance – Find all of your data sorted by control…
High Level
Analytics » Dashboards » Assessments » Residual Risk » High Level
This option allows us to view the ‘Table of Domains’ and the ‘Residual Risk Ratings’ that each carries for Statements ‘Completed in your Assessment’. Residual Risk – Investigate the areas of your Assessment that may or may…