Certified HITRUST | NIST CsF Specialist℠ (CHNS℠) Program

  • A Program Designed to Establish HITRUST & NIST CsF Certification for an Enterprise Cybersecurity Program.

  • The Certified HITRUST | NIST CsF Specialist℠ (CHNS℠) is a 1-day program designed with emphasis for organizations to achieve HITRUST CSF and NIST CsF dual certification. The CHNS℠ Program is available in both instructor-led and online formats.

Learning Objectives

  • Examine core concepts associated with HITRUST CSF certification, such as fundamentals, terminology, ratings, and certification scoring.
  • Step through core components of the NIST CsF standard.
  • Review options for addressing European Union GDPR, PCI DSS, California’s CCPA, New York’s 23 NYCRR 500, HIPAA/HITECH and other mandates within the scope of HITRUST certification.
  • Understand the roadmap of critical steps to achieve HITRUST CSF and NIST CsF certification.

Course Outline

  • Fundamentals
  • Terminology
  • Ratings
  • Scoring
  • Scoping
  • Controls
  • Assessment Domains
  • Key Concepts
  • Functions
  • Categories
  • Sub-Categories
  • NIST Standards Supported by HITRUST
    • NIST SP 800-53
    • NIST SP 800-66
  • ISO 27001 Standard
  • PCI DSS Standard
  • GDPR Compliance
  • CCPA Compliance
  • 23 NYCRR 500 Mandate
  • HIPAA/HITECH Mandates
  • Step 0: HITRUST Workshop
  • Step 1: HITRUST CSF-based Policy
  • Step 2: HITRUST CSF-based Procedures
  • Step 3: Guided Self Assessment
  • Step 4: Remediation
  • Step 5: Evidence
  • Step 6: Validation
  • Step 7: Certification
  • Sample HITRUST Policy
  • Policy Structure
  • Requirements for Certification

Certification Exam

The CHNS℠ certification exam validates the knowledge in core HITRUST CSF and NIST CsF concepts, including cybersecurity strategy, to address associated business certification requirements.

Certification Exam

In the News

ecfirst Client, Beacon Health Achieves HITRUST & NIST Certification!


HITRUST | NIST CsF Certification Training, Irvine/Anaheim, October 3. Leap Ahead with the CHNS℠ Credential!.

Thought Leadership

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), CCSFP (HITRUST) is the chief executive of ecfirst, an Inc. 500 business. He is a highly regarded information security and regulatory compliance expert.