HITRUST offers two types of CSF Assessments – a self-assessment and a validated assessment.

  • Self-assessments allow organizations to assess themselves using HITRUST’s standard methodology, requirements, and tools provided under the CSF Assurance Program.
  • Validated assessments are conducted by a HITRUST Approved External Assessor. The CSF Assurance Program’s assessment methodology is used and the controls are scored using HITRUST’s maturity approach to control implementation. Assessments meeting or exceeding the current CSF Assurance Program requirements receive a HITRUST validated report, which can include certification based upon maturity scoring.

For more information, refer to the HITRUST Webpage Which Assessment is Right for Me? and the CSF Assurance Program Requirements brochure.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment