Crosswalk Assessments
      Back to home
      1. Knowledge Center
      2. Crosswalk Assessments

      What are Question Type Options when creating an Assessment?

      There are different Question Type options available when creating an Assessment.

      They are SCF CMM, HITRUST CMM, Simple CMM and Ostendio CMM and Custom. This article will provide you information on what each question type is and which one you will want to use. 

      • Special Note: Select Customers will ONLY be able to choose Ostendio CMM. Premium Customers will be able to choose ANY of the four options. 

      1. SCF CMM (Secure Control Frameworks Capability Maturity Model) is recommended for all frameworks, except HITRUST and HLCA (High Level Control Audit). Below is an example of what your assessment responses will look like if you choose this Question Type. (ex. Level 1, Level 2, Level 3, etc.) Each level will provide you with a specific description of what should have been achieved to meet that respective level selection. Based on your selection, you might also be asked to provide evidence to support your selection.

      blobid0.png

      2. HITRUST CMM (HITRUST Capability Maturity Model) is recommended for HITRUST Assessments. Below is an example of what your assessment responses will look like if you choose this Question Type. (ex. Policy, Process, Implemented, etc.) Each level will provide you with a specific description of what should have been achieved to meet that respective level selection. Based on your selection, you might also be asked to provide evidence to support your selection.

      blobid1.png

      3. Simple CMM (Simple Capability Maturity Model) is recommended for Custom Assessments. Below is an example of what your assessment responses will look like if you choose this Question Type. (ex. Fully, Almost, Mostly, etc.) Based on your selection, you might also be asked to provide evidence to support your selection.

      blobid2.png

      4. Ostendio CMM (Ostendio Capability Maturity Model) is our own model recommended for customers completing Ostendio's Security Framework. Below is an example of what your assessment responses will look like if you choose this Question Type. (ex.Stated Compliance, Documented Policy and Evidence of Compliance) Based on your selection, you might also be asked to provide evidence to support your selection.

      blobid3.png

      5. Custom Question Type will allow you to choose any of 5 additional options including:

      • Text Reponse
      • Single Select
      • Multiple Select
      • Yes/ No
      • Scale (1-5). Select the Custom Question Type that is required for the Assessment use case.

      As you can see, each Question Type option will dictate how information is collected while you answer your assessment questions.

      Please choose accordingly.