- How can I use the CSF Assurance Program for third-party risk management?
- How much does it cost to get a HITRUST CSF certification?
- How often do I need to get a report?
- How many questions, and how long will it take?
- How do I understand the CSF Assessment report I have received?
- What types of questions are there, and what information will we need to provide?
- Can I provide my ISO 27001 certification in lieu of CSF certification for third-party assurance?
- Is a current SOC 2 acceptable for meeting the third party assurance requirements?
- Can any CPA firm issue a joint SOC 2/HITRUST CSF Certified report?
- How is HITRUST and covered entities engaging with the HITRUST Third Party Assurance?
Thanks for your feedback.