HITRUST® i1
HITRUST i1 - 1-year Validated Assessment delivers broad and reliable assurances against current and emerging cyber threats.
i1 is a good fit for organizations with robust information security programs in place that are ready to demonstrate leading security practices. It’s often suitable for mid-level organizations and offers a more comprehensive level of assurance than the e1, with more controls in scope. Work done to attain an active i1 certification can be applied toward attaining an r2.
Benefits of the i1 Assessment
Uses Leading Security Practices
Uses Leading Security Practices
Supports a complete cybersecurity program that evolves based on regular analysis of threat intelligence data
Delivers Higher Reliability
Delivers Higher Reliability
Provides stronger assurances than comparable assessments with a similar level of time
and effort
Streamlines Assessment Process
Streamlines Assessment Process
Focuses on implementation to practically assess information security programs
Allows For Rapid Recertification
Allows For Rapid Recertification
Dramatically simplifies the i1 recertification process
Use Cases for the i1 Assessment
An i1 assessment offers mid-level organizations a more comprehensive level of assurance than the e1
- For reliable measurement and assurance against a robust portfolio of cybersecurity controls.
- To demonstrate broad protection against current and emerging threats, which can help meet contractual and compliance obligations.
- To show justification for more favorable cyber insurance premiums.
- For organizations that need to share reports with multiple entities.
An i1 assessment can be a step between an e1 and r2 certification
- To prepare for a more robust r2 assessment.
An i1 assessment can be used for third-party risk management
- To ensure that business partners use leading security practices for reliable information protection.
- To establish a meaningful benchmark for third-party service providers progressing their
cybersecurity programs.