
HITRUST® Launches Version 9.4 of the HITRUST CSF®
The latest release of the HITRUST CSF furthers benefits towards One Framework, One Assessment, Globally.
FREMONT, CA: HITRUST is a leading data protection standards development and certification organization, has announced the accessibility of version 9.4 of the HITRUST CSF information risk and compliance management framework, which is further on its task of One Framework, One Assessment, Globally.
HITRUST CSF version 9.4 now includes and harmonizes the most significant amount of authoritative sources of any security and privacy framework, recently adding the CMMC framework and two community-specific standards, and also updating existing sources for relevancy.
As security and privacy requirements evolve in response to new and updated global laws and the regulations, or breaches, and various cyber events, HITRUST is dedicated to maintaining and expanding the relevancy and applicability of the HITRUST CSF to fulfill the continually evolving regulatory and risk-management landscape and associated control requirements. HITRUST CSF v9.4 related updates include:
Integrating the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC) v1.0,
Updating the NIST SP 800-171 r2 mappings to make sure of continued alignment,
Piloting the incorporation of community-specific authoritative sources to extend the Assess further Once, Report Many benefits of the HITRUST Approach, and
Enabling HITRUST MyCSF® platform functionality that provides DoD CMMC customers with the ability to select CMMC Maturity Level specific CSF needs in support of compliance pursuits.
"HITRUST recognizes the complexity of managing information risk and compliance no matter what industry you are in," says Sarah Phillips, Senior Manager of Standards for HITRUST. "We are committed to helping organizations address these challenges through maintaining the relevance of the HITRUST CSF by adding and updating authoritative sources, providing the depth and breadth of controls needed, while eliminating redundancies and the need for organizations to interpret and harmonize a multitude of global frameworks, standards, and regulations."
HITRUST understands the issues of assembling and maintaining the varied programs needed to manage information risk and compliance. The HITRUST CSF is a vital component of the HITRUST Approach, which provides organizations with an integrated information risk management and compliance solution, which makes sure that all programs are aligned, maintained, and comprehensive to support an organization's information risk management and compliance objectives.
In constructing a framework that can fulfill the needs of organizations locally, nationally, and globally, HITRUST understands that various organizations may have requirements imposed as a result of being part of a smaller community such as a subset of an industry group, a State Agency, or by a cooperative sharing agreement. In numerous cases, these might not be new security or privacy controls, but a more specific implementation requirement. HITRUST has secured a mechanism in the HITRUST CSF that is enabled via MyCSF for these requirements to be included, harmonized, and selected for inclusion during the assessment process and then incorporated in the HITRUST CSF Assessment Report. The intent is to cut any additional assessments by allowing organizations to Assess Once, Report Many. HITRUST CSF v9.4 comprises of two such community standards, and they are evaluating the inclusion of others depending on market demand.
"The HITRUST CSF maps to CMMC requirements and we have developed a white paper to help organizations understand and instill confidence in the HITRUST Approach," explained Dr. Bryan Cline, Chief Research Officer, HITRUST. "Organizations utilizing HITRUST to operationalize CMMC as part of their existing information protection program can quickly assess CMMC Practice and Process maturity with accuracy and precision."
Featured Vendors
EDITOR'S PICK
Essential Technology Elements Necessary To Enable...
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
Comparative Data Among Physician Peers
By George Evans, CIO, Singing River Health System
Monitoring Technologies Without Human Intervention
By John Kamin, EVP and CIO, Old National Bancorp
Unlocking the Value of Connected Cars
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
Digital Innovation Giving Rise to New Capabilities
By Gregory Morrison, SVP & CIO, Cox Enterprises
Staying Connected to Organizational Priorities is Vital...
By Alberto Ruocco, CIO, American Electric Power
Comprehensible Distribution of Training and Information...
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
The Current Focus is On Comprehensive Solutions
By Sergey Cherkasov, CIO, PhosAgro
Big Data Analytics and Its Impact on the Supply Chain
By Pascal Becotte, MD-Global Supply Chain Practice for the...
Technology's Impact on Field Services
By Stephen Caulfield, Executive Director, Global Field...
Carmax, the Automobile Business with IT at the Core
By Shamim Mohammad, SVP & CIO, CarMax
The CIO's role in rethinking the scope of EPM for...
By Ronald Seymore, Managing Director, Enterprise Performance...
Driving Insurance Agent Productivity with Mobile and Big...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
Transformative Impact On The IT Landscape
By Jim Whitehurst, CEO, Red Hat
Get Ready for an IT Renaissance: Brought to You by Big...
By Clark Golestani, EVP and CIO, Merck
Four Initiatives Driving ECM Innovation
By Scott Craig, Vice President of Product Marketing, Lexmark...
Technology to Leverage and Enable
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
AI is the New UI-AI + UX + DesignOps
By Amit Bahree, Executive, Global Technology and Innovation,...
Evolving Role of the CIO - Enabling Business Execution...
By Greg Tacchetti, CIO, State Auto Insurance
Read Also
Major Trends Shaping Fintech Revolution
BANKEX: Secured Blockchain-based Tokenization
Importance of Artificial Intelligence Drones
