General
Streamlining the Process of Third-Party Risk Management (TPRM)
An in-depth review of the XChange and how it is powered by the XChange Manager portal to execute the HITRUST TPRM Methodology.
HITRUST Essentials, 1-year (e1) Self-Assessment
The HITRUST Essentials, 1-year (e1) Self-Assessment is a faster, easier assurance to request from vendors to show that they have foundational cybersecurity controls in place.
HITRUST Implemented, 1-year (i1) Validated Assessment
The HITRUST Implemented, 1-year (i1) Assessment + Certification focuses on Leading Security Practices as an innovative, threat-adaptive, broad-based assessment that evolves over time to actively address the ever-changing cybersecurity landscape across industries. Rapid Recertification simplifies renewal.
HITRUST Risk-based, 2-year (r2) Validated Assessment
The HITRUST Risk-based, 2-year (r2) Validated Assessment + Certification uses a proactive, Expanded Practices approach that is globally recognized as a high-level validation showing that an organization successfully manages cyber risk by meeting and exceeding industry-defined and accepted information security requirements.
Assessing Risks and Obtaining Assurances: A Guide
The HITRUST XChange offers several options to assess the amount of risk posed by each of your business relationships and to obtain assurances relating to the security and privacy posture of each of your third parties.
HITRUST Assessment XChange Illustrative Process
The HITRUST Assessment XChange offers an innovative and comprehensive solution, combining the processes, technology, and people needed to help organizations streamline and simplify their third-party risk management.
HITRUST Assessment XChange Workflow
Flow chart showing the HITRUST Assessment XChange processes and procedures used to request IRQs and Assessments from third parties and vendors.
Onboarding Specialist Services
HITRUST Onboarding Specialist use their knowledge, skill sets, and commitment to ensure TPRM program success for XChange customers.
HITRUST Assessment XChange Use Cases
Guidelines that help your organization determine when to use the Inherent Risk Questionnaire to obtain additional data from a third-party; and/or when to request a HITRUST Essentials e1 Self-Assessment from vendors for whom you require only low-level, basic assurances.
Customer FAQs
The most frequently asked questions from current and prospective customers of the XChange.
HITRUST Assessment XChange Features Overview
The HITRUST Assessment XChange is the only third-party risk management solution that is both comprehensive and modular, including the three vital components of people, process, and technology.
HITRUST Assessment XChange Subscription Pricing
Subscription options for organizations who participate in the XChange
Webinars
HITRUST Assessment XChange Adoption & Integration of HITRUST’s Third-Party Risk Management Program
An introduction to the HITRUST Assessment XChange and the recommended approach on how to implement the HITRUST TPRM Methodology and the XChange into an organization’s TPRM program
HITRUST Third-Party Risk Management (TPRM) Methodology and HITRUST Assessment XChange Enhancements
How the HITRUST TPRM Methodology and HITRUST Approach help organizations qualify their third parties for new and existing business relationships based on the inherent risk they pose to the organization
HITRUST TPRM Methodology
HITRUST TPRM Methodology: Third-Party Risk Management Methodologies, Programs and Services
Overview of HITRUST’s strategic programs and services
HITRUST Third-Party Risk Management (TPRM) Methodology: The Qualification Process
A streamlined approach to qualifying a third party for a business relationship leveraging the HITRUST CSF and CSF Assurance Program
HITRUST Third-Party Risk Management Methodology
An Illustration of the Process