HITRUST has recognized for some time that the current model used in the industry for Third-Party Assurance is fraught with inefficiencies and unnecessary costs by requiring duplicative questionnaires and assessments, which tend to distract organizations from monitoring controls and remediating identified deficiencies. Organizations can streamline the compliance process and reduce costs with a standardized approach to performing assessments and reporting security controls by utilizing the HITRUST CSF Assurance Program. The tools and methodologies organizations utilize to complete assessments as part of the HITRUST CSF Assurance Program are built around the HITRUST CSF and allow organizations to assess and report against multiple sets of requirements. The result allows assessing organizations to undergo one assessment and report to multiple entities, providing the industry with a consistent and effective standard. In fact, several large healthcare entities now require their business associates to provide a HITRUST CSF Validated or Certified Report.