i1 Assessment

The HITRUST Implemented, 1-Year (i1) Validated Assessment leverages a proven set of HITRUST-curated controls designed to ensure that an organization is exercising Leading Security Practices to implement a strong and broad cybersecurity program. The i1 Assessment falls between the level of assurance conveyed by the more foundational HITRUST e1 Essentials and the more rigorous r2 Expanded Practices Risk-based Assessments. i1 Rapid Recertification dramatically simplifies the i1 recertification process.

• Moves security assessments beyond a check-list model to a more dynamic approach that ensures control selection is continuously relevant in defending against the latest threats and cyberattack techniques.

• Designed to sunset controls that have lost relevance and have limited assurance value.
• Focuses on Implementation for greater assurance that control requirements are in place and operating as intended.
• Uses the proven HITRUST CSF framework, which is highly prescriptive and constantly updated, unlike many other frameworks that are vague and remain unchanged for years.
• Assessment and testing through a highly qualified HITRUST Authorized External Assessor firm of your choice and the comprehensive HITRUST QA process for Validation and Certification (if earned).
• 1-year Certification, which can help justify reductions in cyber insurance premiums.
• Reduces time, effort, and cost by Inheriting prior assessment results along with reliance on sharing cloud controls.
• Leverages the HITRUST Results Distribution System (RDS) online portal to share assurance results by relying on parties through a PDF, web browser, and/or API so they can obtain, interpret, and analyze assessments more efficiently.