What is Censinet RiskOps?

Censinet RiskOps makes the risk assessment process faster and easier for healthcare delivery organizations (HDOs) and the vendors, affiliates, and partners they need to assess. For the organization being assessed, Censinet RiskOps:

Reduces the overwhelming volume of risk assessments that ask the same questions, yet require vendors to “start from scratch” every time. With Censinet’s 1-Click Assessment feature, you can answer a questionnaire once and then reuse it as often as needed with other assessing organizations.
Eliminates the highly-manual, labor-intensive processes that require managing disparate spreadsheets, myriad documents, and endless email chains with customers. With Censinet, you can manage questionnaire responses and related documents all in one place.
Cuts down the substantial time spent managing and negotiating corrective actions, updating customers on changes in risk, and explaining complex products. Censinet facilitates and tracks these activities with real-time visibility to both vendors and HDOs.

🚀 Censinet RiskOps can help answer questionnaires up to 80% faster

Using the Questionnaire Copilot feature in Censinet RiskOps, you can upload previously completed security questionnaires and other relevant source documents to automatically generate responses to a Censinet questionnaire. After reviewing the Copilot responses and editing as needed, you’ll have a completed questionnaire ready to submit to the assessing organization.

Note that Questionnaire Copilot is currently available to healthcare vendors using Censinet RiskOps to answer a questionnaire about their company or product.

Let’s get started

When an assessor invites you to complete a risk assessment questionnaire through Censinet RiskOps, you will receive an email from [email protected], similar to the sample below.

✅ CHECK POINT: If you are not the right person at your organization to answer a risk assessment questionnaire about your company or the product/service listed in the invitation, please follow the instructions in the invitation email to provide the assessor with the correct contact’s name and email address. Getting the invitation email into the correct hands—or Inbox—as quickly as possible will avoid delays in the assessment process and shorten your sales cycle.

After you receive the invitation email, complete these tasks to answer the questionnaire in Censinet:

Task 1: Create your Censinet account
Task 2: Complete the onboarding process
Task 3: Answer the questionnaire and submit your responses

Task 1: Create your Censinet account

The steps below will vary depending on different conditions, such as whether your organization is new to Censinet RiskOps and how it is configured. Differences are noted here, but the user interface will also guide you throughout the entire process of creating your account.

1	In the invitation email, click the link to open the Create Account page and then fill out the form. If the page has a Send me an email verification button, it means you are the first user at your organization to set up a Censinet account. Continue with 2. If the page has a Log in to Censinet button at the bottom of the form, you are not the first user at your organization. Continue with 3.
2	Click the Send me an email verification button. Censinet will send you a Welcome to Censinet email from `[email protected]`. In the Welcome email, click the Verify your email and log in link to activate your Censinet account. This step is a required part of the account setup process; it verifies that you are who you say you are. Click LOG IN TO CENSINET to display a wizard that guides you through the onboarding process. Continue with Task 2: Complete the onboarding process.
3	Click the Log in to Censinet button on the Create Account page. Depending on how your organization is configured, your access will either be automatically approved based on your email address, or you will need to request access from one of your administrators. If you are taken to a Welcome to Censinet RiskOps page, it means your access was automatically approved. Continue with Task 2: Complete the onboarding process. If a Request Access page like the following displays, continue with the next step.
4	The Request Access page will list up to three administrators who can approve your access to Censinet RiskOps. Click SEND EMAIL to send an access request to the administrators. After you send the email, keep an eye on your Inbox: When your access is approved, Censinet will send you a Welcome to Censinet RiskOps email from [email protected]. In the Welcome email, click the Log in to Censinet RiskOps link to open the login page. Enter your password and click LOG IN to open the onboarding wizard. Continue with Task 2: Complete the onboarding process. If your access is denied, Censinet will send you an email with the name and email address of the administrator who denied your request. Contact them directly for further information. You will also see an update about the status of your request on the Request Access page.

To return to the Censinet login page at any time, go to https://connect.censinet.com. Note that Censinet uses Multi-Factor Authentication (MFA) for increased security. With subsequent logins, you will be prompted to enter a verification code after you enter your password. Censinet will email this code to you.

Task 2: Complete the onboarding process

After you create your account, a wizard will guide you through the rest of the onboarding process. Simply click NEXT on each screen when you are ready to move to the next step.

The screens presented by the wizard will vary depending on various factors, such as whether you are the first user in your organization to log in to Censinet.

The table below outlines the onboarding process. Since the wizard takes you through each step, you may set this guide aside for now and refer back to it to complete Task 3: Answer the questionnaire and submit your responses.

1	The Welcome to Censinet RiskOps screen explains why you were invited to Censinet and provides some key information to get you started.
2	The What’s in the questionnaire? screen helps you understand what types of questions you can expect to see in the assessment questionnaire.
3	The Enter Company Information screen displays if you are the first user to log in to Censinet from your organization. If you don’t see this screen, skip to the next step. Otherwise, fill in the form to enter basic details about your organization. NOTE: HDOs who use Censinet will see the details about your organization listed in the Censinet Vendor Catalog, which lets them know that you have already used Censinet. You are in complete control of who sees your risk data, however; an HDO will only see questionnaire responses and supporting evidence that you explicitly submit to them.
4	The Invite teammates to collaborate on this questionnaire screen displays next, giving you an opportunity to invite other users to join your organization’s Censinet RiskOps workspace. If you aren’t sure yet who you will want to collaborate with on the questionnaire, don’t worry; you’ll be able to invite users at any time after onboarding. To invite a user, enter their email address and click SEND INVITATION. Censinet will send the user an email invitation similar to the one you received. Repeat this step to invite additional users. Click NEXT when you are finished inviting users. PRO TIP: We recommend that you follow up with any teammates that you invite to let them know that a Censinet invitation is on the way.
5	If you are an Admin user, the Automate approval of new user requests screen displays, enabling you to change the Auto Approve Users setting for your organization. When Auto Approve Users is enabled, user access requests will be automatically approved if the user’s email matches one of your organization’s allowed domains. Users with email domains that are not allowed will require Admin approval. The screen lists the domains currently allowed for your workspace. When Auto Approval Users is disabled, all user access requests will require Admin approval. For more information on the Auto Approve Users setting, see Automatically approve user access.
6	Congratulations! You have now completed the onboarding process, and the Censinet Dashboard will appear. Continue with Task 3: Answer the questionnaire and submit your responses.

To return to the Censinet Dashboard at any time, log in at https://connect.censinet.com.

Task 3: Answer the questionnaire and submit your responses

After you complete the onboarding process and land on the Censinet Dashboard, follow this procedure to answer the questionnaire and submit responses to the assessing organization:

1	On the Censinet Dashboard, click the action button for the questionnaire in the Actions Required section. If there are multiple actions listed, look at the name of the Customer and Project to ensure you are working on the assessment listed in the email invitation. The action button will be one of the following: ENTER PRODUCT OR SERVICE INFORMATION: This is a new questionnaire for your organization and information is required about the product or service being assessed in order for Censinet to create the correct questionnaire. If this button displays, continue with step 2. BEGIN QUESTIONNAIRE: This is a new questionnaire for your organization and none of the questions have been answered as part of a previously completed assessment. If this button displays, skip to step 3 to answer the questionnaire. CONTINUE QUESTIONNAIRE: The questionnaire is partially complete. If you see this button and you know that no other users at your organization have started working on the questionnaire, it is because the questionnaire includes security questions about your company that were answered during a previously completed assessment. Once your organization answers one product/service questionnaire, any new product/service questionnaire will be listed as partially complete because it includes the previously answered company questions. If this button displays, skip to step 3 to answer the questionnaire. REVIEW & SUBMIT RESPONSES: This button displays when all required questions in the questionnaire were answered either during this assessment or a previous assessment. The ability to reuse answers from a previous assessment is the benefit of the Censinet “1-Click Assessment” feature; once your organization completes a questionnaire for one assessing organization, you can submit those responses to other assessing organizations as often as you need. If this button displays, skip to step 4 to review your responses and submit when you are ready.
2	If the ENTER PRODUCT OR SERVICE button is displayed on your Dashboard, click it to open the “Enter product/service information” form. Complete the form, keeping these tips in mind: TIPS: What is selected in the Product Types field is very important as it determines which questions are included in the assessment questionnaire. Typically, Product Types are preselected by the assessing organization to help streamline your onboarding process and ensure an accurate assessment. If Product Types were not preselected, or you believe the selections are incorrect or incomplete, be sure to select all product types that apply. For example, if you have a cloud product with a mobile app, select both Mobile Application and Software - Cloud. Hover your cursor over a product type for a description, or see see Product Type descriptions. HDOs who use Censinet will see these product details in the Censinet Product Catalog, but they will not see any of your questionnaire responses and supporting evidence unless you explicitly submit it to them. The user you select in the Primary Contact field can be changed at a later time from the Products menu. Click SUBMIT to open the questionnaire. Continue with the next step to answer the questionnaire.
3	Go through the questionnaire to answer and assign questions. You can only assign questions to teammates that have already been added as users to Censinet. To invite additional users to Censinet, see Invite users. As you progress through the questionnaire, keep an eye on the yellow information bar to monitor progress. Click SHOW REQUIRED ACTIONS to jump to the questions that still require responses.
4	Once all questions are answered, the following dialog prompts you to submit your responses to the assessing organization(s) who requested them: If you and your team wish to continue reviewing responses, click REVIEW RESPONSES and make any necessary edits. When you are done editing responses, redisplay the submit dialog above by clicking SUBMIT RESPONSES at the top of the questionnaire. When you are ready to submit responses, select the checkbox for each assessing organization to whom you want to submit and then click SUBMIT RESPONSES.

🎉 Congratulations! You’ve submitted your first questionnaire with Censinet!

Censinet will display a Questionnaire Submission Confirmation page to provide an instant receipt with all the key details about your submission.

The Submission Confirmation page only displays upon submission, but you can access details about all your organization’s assessments at any time by clicking Assessments in the top menu bar.

What’s next?

Keep an eye on your Inbox

As the assessing organization reviews your questionnaire responses, Censinet will send you an email notification if anything requires your attention. In the following example, the risk assessor has a comment about one of the responses. The email links the vendor directly to the comment in Censinet.

Monitor your Dashboard

The Censinet Dashboard serves as command central for your risk assessment tasks.

Use the Tasks panel to see if there are any open questions assigned to you, and to check the status of questions you have assigned to your teammates.

Once the assessing organization has reviewed your questionnaire responses and submitted a corrective action plan, you will see that in the Actions Required section of the Dashboard. Click RESPOND TO ACTION PLAN to view the plan and respond to the findings.

Product Type descriptions

Product Type	Select this type if...
Consulting	Your offering includes advisory services related to IT security, healthcare compliance, or operational improvements in hospital settings. This selection will help you evaluate and demonstrate the security aspects of the guidance and strategic plans you provide.
Hardware	Your product is a physical device like servers, network equipment, or any hardware used in hospital IT environments. This selection will allow you to assess and showcase the security measures and robustness of your hardware against potential cyber threats.
Medical Device - MDS2- 2013	Your medical device is evaluated under the 2013 Manufacturer Disclosure Statement for Medical Device Security standards. This selection is ideal for demonstrating the security compliance of older medical devices with earlier cybersecurity norms.
Medical Device - MDS2- 2019	Your medical device adheres to the updated 2019 MDS2 standards. This selection will help you highlight your device's alignment with the latest cybersecurity requirements and standards in the healthcare industry.
Mobile Application	You provide mobile applications for healthcare use. This selection will focus on the security features of your app (including data protection and user authentication), ensuring it’s safe for use on mobile devices in a hospital environment.
Software - Cloud	Your offering is a cloud-based application or service. This selection will help you assess and validate the security and compliance aspects of your cloud solutions, including data storage, processing, and protection against breaches.
Software - On Premises	Your software is designed to be installed and operated directly on a hospital's internal servers and computers. This selection will help you demonstrate how your on-premises software manages data security and integrity, and how it’s safeguarded against internal security threats.

Invite users

During onboarding, you may have invited some of your teammates to join Censinet. If you want to invite additional users, follow the procedure below:

1	Click the INVITE USERS button on the Censinet Dashboard or in the top navigation bar of any page. If an Invite Users page displays, it means you are a Non-admin user. Continue with step 2. If a Manage Users page displays, it means you are an Admin user (user with administrator privileges). Continue with step 3. The steps for inviting a new user are a little different for Non-admin versus Admin users, but Censinet makes it easy for any user to invite teammates to Censinet RiskOps.
2	On the Invite Users page, complete the Invite New User form and then click INVITE. Censinet will send the invited user a Welcome to Censinet RiskOps email (similar to the one that you received) with a link to the Censinet login page where they can set a password and log in. Depending on how your organization is configured, the user’s access will either be automatically approved based on their email address, or they will be prompted to request access from one of your administrators.
3	On the Manage Users page, complete the Create New User form and then click CREATE. In the Select Role field, select one of these roles: Non-admin: Users with this role can invite new users, view and edit any questionnaire available from the Products menu, and respond to all in-progress questionnaires and Corrective Action Plans. Admin: Users with this role have all the capabilities of a Non-admin user, plus the ability to add/edit user accounts, grant/deny user access, and edit Settings on the Manage Users page. Censinet will send the new user a Welcome to Censinet RiskOps email (similar to the one that you received) with a link to the Censinet login page where they can set a password and log in. When the user logs in, they will be taken directly to their Censinet Dashboard and will not be prompted to enter company information since that was entered by the first user who logged in.