News

Monthly Selected Authority Documents - February, 2021

March 1, 2021

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name | AD Type | Selected, Groups, Initiatives
ISO 27001-2013 | International or National Standard | 251728
CobiT | Safe Harbor | 231512
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 211253
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 2015311
NIST CSF 1.1 | International or National Standard | 19297
Sarbanes Oxley SOX | Regulation or Statute | 171411
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 | International or National Standard | 1630
ISO 27002 | International or National Standard | 1551
PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 151384
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 13124
NIST SP 800-53 R5 | International or National Standard | 1342
Cloud Controls Matrix, Version 3.0 | Self-Regulatory Body Requirement | 12122
ISO 31000 R 2009 | International or National Standard | 121542
ISO/IEC 27018:2014 | International or National Standard | 12142
Red Book (Condensed) | International or National Standard | 1254
NIST SP 800-53 | International or National Standard | 11140
NIST SP 800-53 R4 | International or National Standard | 1132
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 1002
BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 970
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 900
EBA/GL/2019/04 | Regulation or Statute | 920
ISO/IEC 27002:2013(E) | International or National Standard | 91344
NICE NIST | International or National Standard | 9101
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4 | International or National Standard | 920
CMMC Level 3 | Best Practice Guideline | 803
CMMC Level 5 | Best Practice Guideline | 801
CSIS 20 Critical Security Controls | Best Practice Guideline | 81480
ISO/IEC 27701:2019 | International or National Standard | 893
NIST SP 800 66 | Safe Harbor | 8191
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 813
NIST SP 800-37r2 | International or National Standard | 884
PCI DSS Testing Procedures v3.2 | Contractual Obligation | 8152
Cloud Security Alliance CCM V1.3 | Best Practice Guideline | 750
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 700
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 702
FedRAMP Baseline Security Controls | Audit Guideline | 71140
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 7110
PCI DSS 3.0 Requirements | Self-Regulatory Body Requirement | 7831
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4 | International or National Standard | 720
21 CFR Part 11 | Regulation or Statute | 6190
23 NYCRR 500 | Regulation or Statute | 673
California Consumer Privacy Act of 2018 | Bill or Act | 6331
CIS 20 Critical Security Controls | Best Practice Guideline | 6162
CIS Controls, V7.1 | Best Practice Guideline | 633
Cyber Essentials Scheme (CES) Questionnaire | Best Practice Guideline | 620
FedRAMP Security Controls Baseline, 2018 | Audit Guideline | 604
FFIEC Development Acquisition | Best Practice Guideline | 631
FFIEC Information Technology Examination Handbook - Business Continuity Management | Audit Guideline | 691
Financial Services Sector Cybersecurity Profile | International or National Standard | 602
Gramm Leach Bliley | Bill or Act | 683