Skip to content

You are in Control with HITRUST MyCSF®

MyCSF puts risk analysis, assessment, and corrective action plan management at your fingertips. By leveraging our years of experience in the information security and regulatory compliance space, we developed our secure, easy-to-use app that provides organizations with the one tool they need to assess, manage, and report information risk and compliance. 

MyCSF can add additional functionality to your governance, risk, and compliance (GRC) tools, or provide organizations with a standalone platform. 


Features of MyCSF

Here are ways MyCSF can help organizations improve efficiencies while assessing, managing, and reporting information risk and compliance: 

Support All Phases of HITRUST® Certification Journey

Build on previous results as you move from one type of assessment to another as your business needs change.

Tailor and Configure

Streamline the assessment process by selecting the most appropriate control requirement statements for complete flexibility during r2 assessments. Create and store customized control libraries for targeted assessments.

Centralize Corrective Action Plans (CAPs)

Manage all CAPs across your organization in one location, including those from non-HITRUST assessments.

Track Assessments Submitted for CSF Reports

Simplify the monitoring of HITRUST-reviewed requirement statements and respond to HITRUST assurance comments.

Integrate and Exchange Assessment Data Through Robust API

Streamline data sharing with various systems, including GRC tools.

Centralize Assessments

Maintain a library of past and current assessment results with supporting documentation, link to control requirements and maturity domains, and locate and view uploaded evidence with an in-browser document reader.

Model HITRUST Assessment Results

Preview changes in scope, authoritative sources, or framework version to see the impact on an assessment before it’s integrated.

Create Advanced Analyses and Dashboards

Create customized reporting, charts, and dashboards based on assessment scoring.

Inherit Controls

Inherit results and scores from your organization’s existing assessments and from other, HITRUST-certified service providers, including industry-leading cloud service providers.

Gain Understanding Through Insights Reporting

Leverage the power of HITRUST’s Insights Reports to gain a detailed understanding of your assessment scoring.

Share Streamlined Assurance Data with Results Distribution System® (RDS)

Seamlessly integrate assurance data with GRC tools and third-party risk management systems and share in real time.

Benefits of MyCSF



Assures that strong risk management and compliance programs are in place



Reduces expense with purpose-built features and functionality that simplify program management


Adapts to various needs including third-party risk management, compliance, business partner assurances, and internal reporting


Reflects the latest industry trends and user feedback through regular updates


Fits businesses of any size and stage to allow for effortless growth and adaptation


Protects sensitive data
with robust security
measures embedded
within the platform

Learn how to get the
most from MyCSF.


of MyCSF

Latest MyCSF
user guide
MyCSF Compliance and
Reporting Pack for HIPAA

Ready to take your information security program to the next level?


Chat Now

This is where you can start a live chat with a member of our team