Control Metrics
The Control Metrics uses PRISMA Security Maturity levels to provide insight into the status of each assessed control in the PRISMA Maturity lifecycle. The chart is broken down by PRISMA Security Maturity levels and shows what percentage of controls were assessed as either Addressed, Partially Addressed, or Not Addressed. The Control Metrics widgets include:
- Policy—indicates whether the assessed controls have a documented policy.
- Procedure—indicates whether the assessed controls have a documented procedure.
- Implementation— indicates whether the assessed controls have implemented policies and procedures.
- Tested—indicates whether the assessed controls have policy and procedure implementations that have been tested.
- Integrated—indicates whether the assessed controls have tested policy and procedure implementations that are considered integrated into the culture.
If the assessment status is Completed, you have access to the Maturity Heat Map metrics. It shows a PRISMA Maturity Model heat map of HIPAA Security requirements that are mapped to NIST Cybersecurity Framework (CSF) functions and categories. As a framework, the NIST CSF does include controls that are not specified as requirements within the HIPAA Security Rule. NIST CSF controls not required for HIPAA Security compliance are excluded from the HIPAA Security Risk Assessment.
It shows a heat map of your scores broken down by function and category, as well as by the PRISMA Maturity model. This allows you to quickly identify areas where you are excelling and areas that need improvement.
- Note: Expand each section of the Maturity Heat Map to get more detailed information on your assessment.
Related Topics