News

Monthly Selected Authority Documents - August, 2020

September 1, 2020

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common NameAD TypeSelectedGroupsInitiatives
ISO 27001-2013International or National Standard491607
NIST SP 800-53 R4International or National Standard361196
EU General Data Protection Regulation (GDPR)Regulation or Statute351427
NIST CSF 1.1International or National Standard28254
CobiTSafe Harbor261411
NIST SP 800-53 R4 High ImpactInternational or National Standard261504
NIST SP 800-53International or National Standard25110
PCI DSS 3.2 SAQ D Service ProviderContractual Obligation2422
NIST SP 800-53 R4 Moderate ImpactInternational or National Standard23605
Sarbanes Oxley SOXRegulation or Statute231291
PCI DSS Requirements and Security Assessment ProceduresContractual Obligation221342
FedRAMP Baseline Security ControlsAudit Guideline201030
ISO/IEC 27002:2013(E)International or National Standard201291
ISO/IEC 27018:2014International or National Standard1970
ISO 27002International or National Standard1731
NIST SP 800-53 R4 Low ImpactInternational or National Standard17605
CMMC Level 2Best Practice Guideline1600
AICPA Reporting on Controls at a Service Organization SOC-2Safe Harbor151153
CMMC Level 1Best Practice Guideline1500
CMMC Level 5Best Practice Guideline1500
HIPAABill or Act15831
ISO/IEC 27701:2019International or National Standard1570
CIS Controls V7Best Practice Guideline14181
Gramm Leach BlileyBill or Act1370
ISO/IEC 27017:2015(E)Self-Regulatory Body Requirement1381
NIST CSF 1.0International or National Standard13111
NIST SP 800 66Safe Harbor13111
Cloud Controls Matrix, Version 3.0Self-Regulatory Body Requirement12110
CMMC Level 3Best Practice Guideline1200
NIST 800-53AInternational or National Standard1241
CSIS 20 Critical Security ControlsBest Practice Guideline111380
FedRAMP Security Controls Baseline, 2018Audit Guideline1102
FFIEC CATBest Practice Guideline1181
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and OrganizationsInternational or National Standard1100
CMMC Level 4Best Practice Guideline1000
HIPAA Electronic Health Record TechnologyRegulation or Statute1043
BSI Cloud Computing Compliance Controls Catalogue (C5)Best Practice Guideline920
Cloud Security Alliance CCM V1.3Best Practice Guideline940
ISO 27005 R 2011International or National Standard991
ISO 31000 R 2009International or National Standard91422
MAS TRMContractual Obligation9290
NIST SP 800-171International or National Standard921
21 CFR Part 11Regulation or Statute8100
COSO Internal Control - Integrated FrameworkSelf-Regulatory Body Requirement841
FFIEC Retail Payment Systems 2016Best Practice Guideline820
ISO 9001:2015International or National Standard870
NIST Privacy FrameworkInternational or National Standard830
PCI DSS Testing Procedures v3.2Contractual Obligation880
AICPA Trust ServicesAudit Guideline740
AICPA Trust Services Principles and CriteriaSelf-Regulatory Body Requirement770