HITRUST has released version 9.0 of the common security framework

Start adding items to your reading lists:
Save this item to:
This item has been saved to your reading list.


On September 11, 2017, the HITRUST Alliance released version 9.0 of the Common Security Framework (“CSF”). This updated version revises the requirements for alignment and certification from the previous version 8.1, and provides 19 new controls for certification.

PwC’s flash report outlines these changes and provides guidance on what companies seeking certification need to do.

Download our flash report below to learn more.

HITRUST CSF V9 provides updates to several authoritative sources

  • Federal Financial Institutions Examination Council (FFIEC) Information Security Examination Handbook
  • Federal Risk and Authorization Management Program (FedRAMP)
  • Department of Homeland Security (DHS) Critical Resilience Review (CRR) cybersecurity criteria
  • Title 21 Code of Federal Regulations Part 11 (21 CFR Part 11)

How we can help

As your reliance on third parties grows to advance and maintain your competitive advantage, so does the need to foster trust and transparency with those organizations. PwC’s Trust and Transparency Solutions practice explores every angle of the third party equation, identifying weaknesses and interconnected risks, building better protections across business ecosystem, while providing the assurance your stakeholders need.

Contact us

Todd Bialick

Todd Bialick

Digital Assurance and Transparency Leader, PwC US

Follow us