News

Monthly Selected Authority Documents - April, 2021

May 1, 2021

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected, Groups, Initiatives |
|---|---|---|
| ISO 27001-2013 | International or National Standard | 531797 |
| NIST SP 800-53 R5 | International or National Standard | 3762 |
| NIST CSF 1.1 | International or National Standard | 36297 |
| PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 331394 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 2515910 |
| HIPAA | Bill or Act | 2161 |
| hipaa security rule | Regulation or Statute | 2120 |
| NIST SP 800-53 | International or National Standard | 19161 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 181303 |
| ISO/IEC 27018:2014 | International or National Standard | 18142 |
| NIST CSF 1.0 | International or National Standard | 18112 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 1812 |
| CobiT | Safe Harbor | 171581 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 1700 |
| ISO 27002 | International or National Standard | 1772 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 17124 |
| NIST SP 800 66 | Safe Harbor | 17241 |
| NIST SP 800-171 | International or National Standard | 1721 |
| CMMC Level 3 | Best Practice Guideline | 1622 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 1610 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 1510 |
| ISO/IEC 27002:2013(E) | International or National Standard | 151344 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 1520 |
| CIS Controls, V7.1 | Best Practice Guideline | 1442 |
| Cloud Controls Matrix, Version 3.0 | Self-Regulatory Body Requirement | 14122 |
| Gramm Leach Bliley, Deprecated | Bill or Act | 1492 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 1435 |
| ISO/IEC 27701:2019 | International or National Standard | 14103 |
| NIST 800-53A | International or National Standard | 1472 |
| Cloud Security Alliance CCM V1.3 | Best Practice Guideline | 1350 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 1322 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 1322 |
| EBA/GL/2019/04 | Regulation or Statute | 1330 |
| FedRAMP Baseline Security Controls | Audit Guideline | 131190 |
| NIST SP 800-39 | International or National Standard | 1330 |
| CMMC Level 1 | Best Practice Guideline | 1222 |
| CMMC Level 4 | Best Practice Guideline | 1220 |
| CMMC Level 5 | Best Practice Guideline | 1220 |
| Sarbanes Oxley SOX, Deprecated | Regulation or Statute | 121441 |
| 23 NYCRR 500 | Regulation or Statute | 1182 |
| CMMC Level 2 | Best Practice Guideline | 1122 |
| HIPAA HCFA | Best Practice Guideline | 1111 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 1080 |
| ISO 27005 R 2011 | International or National Standard | 10123 |
| NIST SP 800-53 R4 | International or National Standard | 1032 |
| NIST SP 800-53 R4 Moderate Impact, Deprecated | International or National Standard | 10755 |
| NIST SP 800-61 | International or National Standard | 1093 |
| Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 | International or National Standard | 1050 |
| Australian Government Information Security Manual Controls | International or National Standard | 930 |
| Cyber Essentials Scheme (CES) Questionnaire | Best Practice Guideline | 920 |