HITRUST Proposal
1. Organization Name *
2. Name *
3. Title *
4. Email *
5. Phone * (format, e.g. 585.313.2336)
6. Website *
7. Address *
8. City *
9. State *
10. Zip *
11. Country *
12. What type of Assessment(s) are you interested in?
e1 Readiness Assessment
e1 Validated Assessment
i1 Readiness Assessment
i1 Validated Assessment
r2 Readiness Assessment
r2 Validated Assessment
HITRUST AI Risk Management Assessment
I don't know! I need guidance
a. Are you also interested in the AI Risk Management Assessment?
Yes
No
13. Does your organization have a MyCSF Subscription?
Yes
No
14. What is your entity "Type"? *
Covered Entity
Business Associate
Other
15. What line of business best describes your organization? *
Health Plan / Insurance / PBM
Medical Facility / Hospital
Physician Practice
Pharmacy Company
Health Information Exchange (HIE)
Bio Tech
IT Service Provider
Non-IT Service Provider
Third-Party Processor
Federal Agency or Contractor
Other
16. Which locations will be included in the assessment scope? *
USA Only - single location
USA Only - multiple locations, same state
USA Only - multiple locations / multiple states
USA & Off-shore
Offshore Only
17. Do you offer Infrastructure as a Service (IaaS)?
Yes
No
18. Please enter the number of Employees
19. What is the business driver for the Assessment?
Contract / Business Requirement
To demonstrate risk management posture to the Board/Business Partners
Other
20. Total Number of Records Held
Less than 1 Million
1 Million – 10 Million
Greater than 10 Million
10 Million - 60 Million
Greater than 60 Million
21. Have your Policies been reviewed, updated & approved in the last 12 months?
Yes
No
22. Have your Procedures been reviewed, updated & approved in the last 12 months?
Yes
No
System Information
Information about the in-scope systems
23. Please enter the number of sites to be included In-Scope
24. Select ALL that apply to the In-Scope terms
Accessible from the Internet
Accessible by a Third-Party (e.g., for support or maintenance)
Transmits or receives data with a Third-Party/business partner
Accessible from a public location (e.g., kiosk)
Mobile devices are used in the environment (e.g., laptops, smartphones)
25. Select the number of interfaces to other systems
Fewer than 25
25 to 75
Greater than 75
26. Select the number of In-Scope users
Fewer than 500
500 to 5,500
Greater than 5,500
27. Select the number of transactions per day
Fewer than 6,750
6,750 to 85,000
Greater than 85,000
28. Is any part of the In-Scope environment hosted in the cloud?
Yes
No
29. Does the In-Scope environment allow dial-up/dial-in capabilities (i.e., functional analog modems)?
Yes
No
30. Is In-Scope information sent and/or received via fax machine (i.e., an actual machine, excluding eFax or scan to email)?
Yes
No
31. Are hardware tokens used as an authentication method within the In-Scope environment?
Yes
No
32. Are wireless access points allowing access to the In-Scope environment in place at any of the organization's In-Scope facilities?
Yes
No
33. Does the organization perform information systems development (either in-house or outsourced) for any In-Scope system, system service, or system component?
Yes
No
34. Does the organization use any part of the In-Scope systems, system components, or system services to sell goods and/or services?
Yes
No
35. Is In-Scope information sent by the organization using courier services, internal mail services, or external mail services (e.g., USPS)?
Yes
No
36. Does the organization allow personally-owned devices to connect to In-Scope organizational assets (i.e., BYOD - bring your own device)?
Yes
No
37. Do any of the organization's personnel travel to locations the organization deemed to be of significant risk?
Yes
No
38. Does the organization allow the use of electronic signatures to provide legally binding consent within the In-Scope environment, e.g., Simple or Basic Electronic Signatures (SES), Advanced Electronic or Digital Signature (AES), or Qualified Electronic or Digital Signatures (QES)?
Yes
No
39. Does the system allow users to access the In-Scope environment from an external network that is not controlled by the organization?
Yes
No
Risk Factors
40. Select ALL that apply to the In-Scope terms
HIPAA Compliance
Privacy
Security
Breach Notification
FISMA (Federal Information Security Management Act) Compliance
FTC (Federal Trade Commission) Red Flags Rule Compliance
Joint Commission Accreditation
PCI Compliance (Payment Card Industry)
State of Massachusetts Data Protection Act
CMS (Centers for Medicare & Medicaid) Minimum Security Requirements
State of Nevada Security of Personal Information Requirements
Texas Health and Safety Code
MARS-E Requirements (Minimum Acceptable Risk Controls for Exchanges)
FTI Requirements (Federal Tax Information Security)
EU GDPR
Data Processor
Data Controller
CA Civil Code 1798.81.5
EHNAC Accreditation
Banking Regulations
FedRAMP Certification
23 NYCRR 500
IRS Pub 1075 Compliance
21 CFR Part 11
HITRUST De-ID Framework Requirements
CCPA
CRR V2016
Singapore Personal Data Protection Act
SCIDSA Requirements
16 CFR 314
Community Supplemental Requirements 002
Data Governance Framework
Digital Operational Resilience Act (DORA)
ISO/IEC 27001:2022
ISO/IEC 27002:2022
ISO/IEC 29151:2017
ISO 31000:2018
MITRE ATLAS
NAIC Insurance Data Security Model Law
NIST Cybersecurity Framework 2.0
NIST SP 800-171 r3
NIST SP 800-172
NY OHIP Moderate-plus Security Baselines v5.0
OWASP AI Exchange
OWASP ML Top 10
Supplemental Requirements
TX-RAMP 2.0
VA Directive 6500
Legacy Inheritance Support
Security for AI Systems
NIST SP 800-171 r2
Basic Requirements
Derived Requirements
NIST SP 800-53 R4
Low
Moderate
High
Supplemental
Privacy
NIST SP 800-53 R5
Low
Moderate
High
Supplemental
Privacy
HICP 2023 Edition
For Small Orgs.
For Medium Orgs.
For Large Orgs.
Ontario Personal Health Information Protection Act
Health Information Custodian
Health Data Institute
Agent
Researcher
Prescribed Organization
Consumer Electronic Service Provider
CIS CSC v8.0
Implementation Group 1
Implementation Group 2
Implementation Group 3
FFIEC CAT
Baseline
Evolving
Intermediate
Advanced
Innovative
HHS Cybersecurity Performance Goals
Essential Goals
Enhanced Goals
StateRAMP r5
Impact level: Low
Impact level: Moderate
Low
Moderate
High
Cybersecurity Maturity Model Certification (CMMC)
Level 1
Level 2
Level 3
AI Risk Management
NIST AI RMF & ISO/IEC 23894
Other
Dependent Factors
41. What type of AI model(s) are used by In-Scope IT platforms? (select all that apply)
Rule-based AI model
Predictive AI model
Generative AI model
41. Was covered and/or confidential data used to train the model, tune the model, or enhance the model's prompts via RAG?
Yes
No
42. Are the model's parameters and technical architecture confidential to the organization?
Yes
No
43. Are you a Group Health Plan?
Yes
No
Comments
Please enter any additional information (including any past HITRUST certification dates, CSF version, factors, number of requirement statements, etc.)