Skip to content

Shared Responsibility and Inheritance Program

The HITRUST® Shared Responsibility and Inheritance Program allows organizations to reuse inheritable controls from internal and external third-party organizations. Controls can be inherited from vendors, major cloud service providers (CSPs) and your organization’s existing HITRUST Validated or Certified Assessments.

No other framework provides this capability.

Because major CSPs hold HITRUST certifications, customers who are pursuing HITRUST certification can automatically inherit their CSP’s security controls, making it easier and quicker to achieve security certification.

Framework - Fact-2
Clarity
Clarity

A simple methodology and standardized structure clearly define who owns the different cloud security controls to avoid ambiguity in cloud environments.  

Transparency
Transparency

Inheritance is transparent, easily accessible, and commonly adopted by major CSPs and their users. This enables organizations to quickly understand and efficiently inherit existing control assessment data. 

Time and Cost Savings
Time and Cost Savings

With inheritance from prior HITRUST assessments, organizations can inherit as much as 70%-85% of requirements in HITRUST assessments from participating CSPs, eliminating redundancy and helping save time and costs.  

Efficient Risk Management
Efficient Risk Management

Organizations can have seamless communication with CSPs and other vendors to facilitate efficient cyber risk management by aligning understanding and logistics to share controls equitably.

Shared Responsibility Matrices

Download the specific Shared Responsibility Matrix from our list of major CSPs and many other prominent cloud data platforms.

See all Matrices

HITRUST Baseline Shared
Responsibility Matrix

Download our free, easy-to-use baseline template.

See our Baseline Matrix

Need more information?

View all relevant resources about our Shared Responsibility
and Inheritance Program.

 
eBook: Accelerate your HITRUST 
journey through inheritance
Learn More
 
Webinar: Accelerate your HITRUST
journey through inheritance
Learn More
 
Presentation: How to use MyCSF inheritance with
Shared Responsibility Matrices (SRMs)
Learn More
 
Shared Responsibility Matrices
Learn More
Visit the HITRUST Resource Center

Ready to take your information security program to the next level?

Get Started with HITRUST
Chat

Chat Now

This is where you can start a live chat with a member of our team