Security News > 2020 > June > HITRUST CSF 9.4: Incorporating authoritative sources of any security and privacy framework
HITRUST CSF version 9.4 now incorporates and harmonizes the largest number of authoritative sources of any security and privacy framework, most recently adding the CMMC framework and two community-specific standards, as well as updating existing sources for continued relevancy.
As security and privacy requirements change in response to new and updated global laws and regulations, or breaches and other cyber events, HITRUST is committed to maintaining and expanding the relevancy and applicability of the HITRUST CSF to meet the continually evolving regulatory and risk-management landscape and associated control requirements.
"HITRUST recognizes the complexity of managing information risk and compliance-no matter what industry you are in," said Sarah Phillips, Senior Manager of Standards for HITRUST. "We are committed to helping organizations address these challenges through maintaining the relevance of the HITRUST CSF by adding and updating authoritative sources, providing the depth and breadth of controls needed, while eliminating redundancies and the need for organizations to interpret and harmonize a multitude of global frameworks, standards, and regulations."
HITRUST has established a mechanism in the HITRUST CSF, that is enabled through MyCSF for these requirements to be incorporated, harmonized, and selected for inclusion during the assessment process and then included in the HITRUST CSF Assessment Report.
"The HITRUST CSF maps to CMMC requirements and we have developed a white paper to help organizations understand and instill confidence in the HITRUST Approach," explained Dr. Bryan Cline, Chief Research Officer, HITRUST. "Organizations utilizing HITRUST to operationalize CMMC as part of their existing information protection program can quickly assess CMMC Practice and Process maturity with accuracy and precision."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-7HAYhmEl4c/