Information Security is a fundamental consideration for any organization with increasing risks, increasing costs, inconsistencies and inefficiencies being key concerns.


The HITRUST Common Security Framework (CSF) provides a consistent approach to compliance and risk management. It was developed to unify the growing number security, privacy and regulatory challenges into one prescriptive scalable solution and covers wide range of industries.

HITRUST CSF can help address the root information security challenges facing an organization. It provides coverage across multiple industry specific standards. It is a standard built on multiple standards and authoritative sources (including ISO27001, NIST 800-53, NIST 800-171, HIPPA, PCI DSS, GDPR and many more) relevant to information security and privacy.

The lowest assessment is a baseline review called a Readiness Assessment which provides an evaluation of your needs, risks and requirements to determine where improvements should be made. It is recommended that you always start with a Readiness Assessment. The next level of assessment is a Validated Assessment by a third-party assessment company. You cannot remediate any deficiencies or weaknesses to change your assessment score once this assessment has begun, they must be scored as originally found.

As a Certified HITRUST CSF Practitioner (CCSFP) we can help you with preparation for your HITRUST CSF Readiness Assessment, providing you the skills to accomplish the audit, help correct any deficiencies, so that you can provide the evidence needed reducing the possibility of you failing HITRUST QA or an external assessment. We will work with you to compare all of its infrastructural components against the required controls contained in the HITRUST framework making any necessary changes, so you are ready to submit. We can do this independent of an external assessor which may be beneficial for many reasons. Failure to use sufficient CCSFP for a minimum number of hours on an engagement can stop you getting certification.

As a CCSFP we can be engaged by your organization as an internal assessor.

The work we perform as a CCSFP internal assessor can be relied upon by a HITRUST External Assessor potentially saving you time and money.

Contact us for a free initial consultation.