HITRUST offers two types of CSF Assessments – a self-assessment and a validated assessment.
- Self-assessments allow organizations to assess themselves using HITRUST’s standard methodology, requirements, and tools provided under the CSF Assurance Program.
- Validated assessments are conducted by a HITRUST Approved External Assessor. The CSF Assurance Program’s assessment methodology is used and the controls are scored using HITRUST’s maturity approach to control implementation. Assessments meeting or exceeding the current CSF Assurance Program requirements receive a HITRUST validated report, which can include certification based upon maturity scoring.
Thanks for your feedback.