Overview
HITRUST has published exposure drafts of the Risk Management Handbook and Assessment Handbook.
- The Risk Management Handbook presents risk management concepts and methodologies foundational to the HITRUST Approach™. The handbook is intended to help support integration of HITRUST products, services, and tools into an organization’s existing risk management program.
- The Assessment Handbook defines the requirements for organizations assessing their information protection programs against the HITRUST CSF through a readiness or validated assessment. The assessment handbook is intended to provide guidance and expectations of the assessment process to the HITRUST community.
HITRUST invites all stakeholders to review the proposed Risk Management Handbook and Assessment Handbook, then submit feedback using the links below.
Exposure Drafts
- Risk Management Handbook Exposure Draft
Submit Comments - Assessment Handbook Exposure Draft
Submit Comments
Timeline
The exposure drafts of the Risk Management Handbook and Assessment Handbook are available now for review. Please use the links above to access the handbooks and submit all comments by July 7, 2023.
The Risk Management Handbook and Assessment Handbook are not yet final and will not be enforced during the exposure draft review period. HITRUST will continue to enforce the existing guidance published within the HITRUST website.
Additional Information
For any additional questions, please contact our Support team or a HITRUST Customer Success Manager.