While it’s possible, the likelihood that an organization can be certified against the NIST Cybersecurity Framework without meeting the requirements for HITRUST CSF certification are very small. This is because each certification is based on a single assessment. While the individual scores for each control requirement are the same, the scores are aggregated differently to support reporting against the HITRUST CSF Assessment Report domains and the NIST Cybersecurity Framework Core Categories.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment