News

Monthly Selected Authority Documents - April, 2020

May 1, 2020

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected / Groups / Initiatives |
|---|---|---|
| ISO 27001-2013 | International or National Standard | 711497 |
| NIST SP 800-53 R4 | International or National Standard | 561116 |
| NIST SP 800-53 R4 Moderate Impact | International or National Standard | 50543 |
| NIST SP 800-53 R4 High Impact | International or National Standard | 311403 |
| PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 291283 |
| NIST SP 800-53 R4 Low Impact | International or National Standard | 26533 |
| CIS Controls V7 | Best Practice Guideline | 24171 |
| HIPAA | Bill or Act | 22781 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 211072 |
| NIST CSF 1.1 | International or National Standard | 21222 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 201336 |
| ISO 27002 | International or National Standard | 2011 |
| ISO/IEC 27701:2019 | International or National Standard | 1760 |
| California Consumer Privacy Act of 2018 | Bill or Act | 16230 |
| CobiT | Safe Harbor | 151331 |
| NIST CSF 1.0 | International or National Standard | 15111 |
| AICPA Trust Services Principles and Criteria | Self-Regulatory Body Requirement | 1470 |
| ISO/IEC 27002:2013(E) | International or National Standard | 141261 |
| ISO/IEC 27018:2014 | International or National Standard | 1440 |
| NIST SP 800 66 | Safe Harbor | 1390 |
| Cloud Controls Matrix, Version 3.0 | Self-Regulatory Body Requirement | 1290 |
| NIST SP 800-53 | International or National Standard | 1280 |
| 23 NYCRR 500 | Regulation or Statute | 1162 |
| HKMA General Principles for Technology Risk Management | Regulation or Statute | 11120 |
| ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 1120 |
| Sarbanes Oxley SOX | Regulation or Statute | 111171 |
| Trust Services Criteria | Self-Regulatory Body Requirement | 1131 |
| 45 CFR Part 164 | Regulation or Statute | 1061 |
| CMMC | Best Practice Guideline | 1000 |
| FFIEC Business Continuity Planning Handbook 2015 | Audit Guideline | 1031 |
| Gramm Leach Bliley | Bill or Act | 1060 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 1032 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 1071 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 900 |
| FFIEC CAT | Best Practice Guideline | 961 |
| ISO 24762 R 2008 | International or National Standard | 900 |
| SSAE 18 | Safe Harbor | 941 |
| AICPA Trust Services | Audit Guideline | 840 |
| IM Guidance Update Cybersecurity | Self-Regulatory Body Requirement | 810 |
| NIST SP 800-171 | International or National Standard | 811 |
| CIS 20 Critical Security Controls | Best Practice Guideline | 760 |
| COBIT 2019 | Safe Harbor | 711 |
| COBIT 5 Enabling Processes: Basics | Safe Harbor | 7332 |
| Criminal Justice Information Services Security Policy | Organizational Directive | 731 |
| FedRAMP Baseline Security Controls | Audit Guideline | 7960 |
| FFIEC IT Examination Handbook | Audit Guideline | 771 |
| ISO 27005 R 2011 | International or National Standard | 791 |
| ITIL Security Management | Best Practice Guideline | 700 |
| NICE NIST | International or National Standard | 710 |
| NIST 800-53A | International or National Standard | 731 |