CCH Feature Prioritization High Priority Hitlist Research

Owned by Vicki McEwen, created
Last updated: Oct 17, 2023
2 min read

This is a starting point to gather the potential most desirable features of the CCH.

Starting sources are internal staff experience and recollections from interactions with customers.

Customer validation will be forthcoming.

Related pages: Current Product Feature Prioritization

Does exist things they can’t live without

Feature

Benefit

Benefit Customer Confirmation

Risks

Comments

Feature

Benefit

Benefit Customer Confirmation

Risks

Comments

AD Lists

  • Allows customers to identify their compliance requirements

  • Allows customers to break down their compliance requirements into groupings based on business needs

  • 93% of active accounts have at least one AD list.

 

 

Builds

  • Allows customers to identify their compliance needs such as gaps and coverage in their internal frameworks.

 

 

 

Compare

  • New Versions: Identify gaps and coverage between New AD Versions.

  • New Requirements: Identify gaps and coverage between current control set and new document(s) customer needs to comply with.

  • AT&T uses the compare feature when new versions of ASPR are mapped (confirmed via Userflow)

 

 

API Integration with GRC partners

  • Allows customers to manage and identify their compliance efforts in conjunction with our partner GRC offerings.

 

 

 

Attestation Portal

https://cch.commoncontrolshub.com/pl-uuX2

  • Allows customers to share what compliance requirements they adhere to with stakeholders and other organizations outside the CCH.

  • The Attestation Portal can show CCH tracking information of Compliance Requirements as well. *Need numbers on how many have the tracking portion implemented.

  • 49% of active accounts that have created AD lists have at least one published list.

  • 37% of all active accounts have at least one published list.

 

JH: why is this important? what is evidence customers using it?

 

The benefit customer confirmation numbers are current as of 9/30/23

Doesn’t Exist

Feature

Risks

Benefit

Feature

Risks

Benefit

See Citations tied to Common Controls

Could expose tenious mapping/older mapping practice or highlight weaknesses in the mapping.

Would allow customers to see the nuance of each Citation, i.e. are there specific time frames, etc.

See only associated Common Controls in a List in the CCH

If we didn’t keep control parentage, could lose some context.

Would allow customers to to view pertinent information quicker.

Better AD Search Capabilities

N/A

Would allow customers to find the products they need quicker and more reliably, which could increase customer onboarding and retention.

New Version Notification

If the mapping team is slow to map new versions, this could highlight a weakness in our internal processes.

Would provide customers the latest and greatest information about ADs.

Clear indication of AD versions in UI

If the mapping team is slow to map new versions, this could highlight a weakness in our internal processes.

Would provide customers and mapping team clarity on AD history.

For customers easier to find the AD version they care about.