TMCnet News

HITRUST Announces CSF v11.3.0 Launch to Enhance Its Industry Leading Security Framework
[April 16, 2024]

HITRUST Announces CSF v11.3.0 Launch to Enhance Its Industry Leading Security Framework


The Company Adds and Harmonizes Another 12 Standards to Its Control Frameworks For Even Greater Relevance and Reliability

FRISCO, Texas, April 16, 2024 /PRNewswire/ -- HITRUST, the leader in enterprise risk management, information security, and compliance assurances, is pleased to announce the release of version 11.3.0 of the HITRUST Framework (HITRUST CSF) on April 16, 2024. This update reaffirms HITRUST's commitment to providing organizations with a comprehensive, up-to-date framework that addresses evolving cyber threats and regulatory requirements.

This update reaffirms HITRUST's commitment to providing organizations with a comprehensive, up-to-date framework.

What is the HITRUST Framework?

The HITRUST Framework (HITRUST CSF®) is a comprehensive, scalable, reliable, and efficient framework for information risk management, cybersecurity, and regulatory compliance. It is designed to help organizations globally, in any sector, earn the trust of their customers and stakeholders by demonstrating their commitment to relevant and reliable information security standards.

What's New in CSF v11.3.0

  • Addition of FedRAMP, StateRAMP, and TX-RAMP authoritative sources, which provide a standarized approach to ensure that assessed entities doing business with the government comply with applicable information security requirements.
  • Integration of NIST SP 800-172: Enhancing protections for Controlled Unclassified Information (CUI) and supporting organizations with high-risk profiles in their HITRUST r2 Assessment tailoring.
  • Foundation for CMMC Level 3 Requirements: Preparing organizations for new compliance needs based on stringent NIST standards.
  • Inclusion of MITRE Adversarial Threat Landscape for Artificial-Intelligence Systems (MITRE Atlas) mitigation. Addressing security requirements crucial for safeguarding AI systems.
  • Streamlined Assessment Process: Reduced redundancy in requirement statements, significantly decreasing the average r2 assessment size without compromising control coverage.



Customer Benefits

  • Staying Ahead of Regulations: By integrating and normalizing the latest industry standards and requirements, CSF v11.3.0 ensures organizations remain aligned with current and emerging regulations.
  • Comprehensive Cyber Threat Adaptation: The inclusion of cutting-edge authoritative sources like NIST SP 800-172 and MITRE ATLAS ensures the framework meets the challenges of today's dynamic threat landscape.
  • Enhanced Efficiency: Consolidation efforts have streamlined the assessment process, reducing effort and time investment for organizations pursuing HITRUST certification while meeting one or many regulatory compliance requirements.

Transition Information


With the launch of v11.3.0, new e1 and i1 assessments will be aligned with the updated framework, ensuring organizations benefit from the latest cybersecurity and compliance advancements. Existing assessments under v11.2.0 can still proceed, providing flexibility and continuity for ongoing certification efforts.

Access and Implementation

HITRUST CSF v11.3.0 is available for download on the HITRUST website. New e1 and i1 assessment objects, including i1 rapid recertification assessments, using CSF v11.2 in MyCSF have been disabled.

Organizations are encouraged to transition to the updated framework to leverage the enhanced protections and efficiencies it offers.

For more information and to download the HITRUST CSF v11.3.0, visit https://hitrustalliance.net/hitrust-framework.

About HITRUST

HITRUST, the leader in enterprise risk management, information security, and compliance assurances, offers a certification system for the application and validation of security, privacy, and AI controls, informed by over 50 standards and frameworks. The company's threat-adaptive approach delivers the most relevant and reliable solution, including multiple selectable and traversable control sets, over 100 independent assessment firms, centralized quality reviews and certification, and a powerful SaaS platform enabling the entire process and ecosystem. For over 17 years, HITRUST has led the assurance industry and today is widely recognized as the most trusted solution to establish, maintain, and demonstrate security capabilities for information risk management and compliance. 

For media inquiries, please contact:

Leslie Kesselring
Kesselring Communications for HITRUST
[email protected]
503-358-1012

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/hitrust-announces-csf-v11-3-0-launch-to-enhance-its-industry-leading-security-framework-302117625.html

SOURCE HITRUST Services Corp.


[ Back To TMCnet.com's Homepage ]