An r2 Requirement Statement that scores at a 37 would yield which result?

HITRUST uses a scoring scale from 0 to 100, with categories for Fully Compliant, Mostly Compliant, Partially Compliant, Somewhat Compliant, and Non-Compliant. A score of 37 falls into the “Somewhat Compliant” category. This reflects significant weaknesses in Policy, Procedure, or Implementation maturity levels. Such a low score indicates a gap that must be addressed. Depending on whether the control is required for certification, HITRUST may require a Corrective Action Plan (CAP). CAPs are required when certification-critical controls score below thresholds (e.g., Implementation not at 100% where required). Therefore, a Requirement Statement score of 37 would be treated as a gap with a possible required CAP, depending on its criticality within the certification process.