mycsf v1.4.5

MyCSF

MyCSF is a Node.JS library built to aid with the usage of the HITRUST MyCSF API.

Table of Contents

• Installation
• Usage
  • Authentication
    • Testing Authentication
  • Assessment Endpoints
    • Getting Assessments
    • Getting Your Subscriber's Users
    • Getting an Assessment's Requirement Statements
    • Getting an Assessment's Users
    • Getting an Assessment Requirement's Corrective Action Plans
    • Getting an Assessment Requirement's Linked Documents
    • Getting an Assessment Requirement's Illustrative Procedures
    • Getting an Assessment Requirement's Answer Log
    • Getting an Assessment Requirement's Diary Entries
    • Getting an Assessment Requirement's User Delegation
  • Pre-Assessment Endpoints
    • Getting an Assessment's Organization Information
    • Getting an Assessment's Options
    • Getting an Assessment's Facilities
    • Getting an Assessment's Systems
    • Getting an Assessment's Default Scoring Profile
    • Getting an Assessment's Factors
  • Document Endpoints
    • Getting an Assessment's Documents
    • Getting a Document's Download Link
• Contributing
• License

Installation

Use the package manager npm to install MyCSF.

npm install --save mycsf

Once installed, ensure that the package is referenced in the appropriate files.

const MyCSF = require('mycsf'); 

Usage

This package has been developed to return a Promise on all of the methods listed below.

Authentication

Each API call requires that both a Username and an API Key be sent in the request to enable proper validation. This can be simply achieved by declaring a client variable and passing in the Username and the API Key.

const user = 'your_api_username';
const key = 'your_api_key';

const client = new MyCSF(
  {
    user,
    key
  });

Testing Authentication

Using the authenticate() function, you can simply test to verify that you are properly authenticating to the MyCSF API. The client configuration that is mentioned in the above section must be declared prior to this method being used.

client.authenticate()
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Assessment Endpoints

Getting Assessments

The getAssessments() method will return an Array of the Assessments for the Organization that the API User has access. If you are interested in only the information pertaining to one Assessment, you can use the getAssessment(assessmentId) function. This function does require that an Assessment ID be passed in.

// Get All Assessments
client.getAssessments()
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

//Get One Assessment
client.getAssessment(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting Your Subscriber's Users

The getSubscriberUsers() method will allow you to fetch the user data for all individuals that have been added to your account.

client.getSubscriberUsers()
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment's Requirement Statements

The getAssessmentRequirements(assessmentId, inscope) method will query all of the Assessment Statements that are contained with the assessmentId. There is an optional parameter inscope that will allow you to return more than just the In Scope Requirements if set to false.

client.getAssessmentRequirements(assessmentId, inscope)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment's Users

The getAssessmentUsers(assessmentId) method will return the users and their permissions that have been set for the assessmentId parameter passed in.

client.getAssessmentUsers(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment Requirement's Corrective Action Plans

The getAssessmentRequirementCAPs(requirementId) function will return the Corrective Action Plans that have been associated with the requirementId that is specified.

client.getAssessmentRequirementCAPs(requirementId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment Requirement's Linked Documents

The getAssessmentRequirementDocuments(requirementId) function will return the pieces of evidence that have been associated with the requirementId that is passed in the parameter.

client.getAssessmentRequirementDocuments(requirementId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment Requirement's Illustrative Procedures

The getAssessmentRequirementIllustrativeProcedures(requirementId) function will return the Illustrative Procedures that stem from the requirementId that is passed in the parameter.

client.getAssessmentRequirementIllustrativeProcedures(requirementId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment Requirement's Answer Log

The getAssessmentRequirementHistory(requirementId) function will return an array of the event log for the requirementId that is passed in the parameter.

client.getAssessmentRequirementHistory(requirementId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment Requirement's Diary Entries

The getAssessmentRequirementDiary(requirementId) function will return an array of the diary entries for the requirementId that is passed in the parameter.

client.getAssessmentRequirementDiary(requirementId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment Requirement's User Delegation

The getAssessmentRequirementHistory(requirementId) function will an array of the Users for which have been assigned to the requirementId that is passed in the parameter.

client.getAssessmentRequirementUsers(requirementId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Pre-Assessment Endpoints

Getting an Assessment's Organization Information

client.getAssessmentOrganizationInformation(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment's Options

client.getAssessmentOptions(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment's Facilities

client.getAssessmentFacilities(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment's Systems

client.getAssessmentSystems(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment's Default Scoring Profile

client.getAssessmentDefaultScoring(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting an Assessment's Factors

client.getAssessmentFactors(assessmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Document Endpoints

Getting an Assessment's Documents

//type === 1 if Subscriber, type === 2 if Assessor
client.getAssessmentDocuments(assessmentId,type)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Getting a Document's Download Link

client.getAssessmentDocument(documentId,attachmentId)
  .then(response => {
    console.log(response);
  })
  .catch(err => {
    console.log(err);
  })

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

License

MIT