News

Monthly Selected Authority Documents - September, 2021

October 1, 2021

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name | AD Type | Selected | Groups | Initiatives
ISO 27001-2013 | International or National Standard | 4218611
NIST SP 800-53 R5 | International or National Standard | 35 | 8 | 3
NIST CSF 1.1 | International or National Standard | 343412
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 3216410
CIS Controls, V8 | Best Practice Guideline | 24 | 0 | 0
ISO/IEC 27701:2019 | International or National Standard | 20113
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 20 | 3 | 2
PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 191464
CobiT | Safe Harbor | 181621
ISO 27002 | International or National Standard | 18 | 7 | 2
hipaa security rule | Regulation or Statute | 16 | 4 | 1
ISO/IEC 27002:2013(E) | International or National Standard | 151387
Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1 | Contractual Obligation | 15 | 4 | 3
BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 14 | 9 | 0
CMMC Level 3 | Best Practice Guideline | 14 | 3 | 2
HIPAA | Bill or Act | 14 | 9 | 4
ISO 27005 R 2011 | International or National Standard | 14123
Sarbanes-Oxley Act of 2002 | Bill or Act | 14 | 2 | 3
Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 13 | 0 | 0
CMMC Level 5 | Best Practice Guideline | 12 | 2 | 0
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 12 | 2 | 0
NIST SP 800-53 | International or National Standard | 12161
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 11134
NIST SP 800 66 | Safe Harbor | 11251
Red Book (Condensed) | International or National Standard | 11 | 9 | 4
CIS Controls, V7.1 | Best Practice Guideline | 10 | 5 | 2
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 10 | 4 | 3
ISO/IEC 27018:2014 | International or National Standard | 10152
NICE NIST | International or National Standard | 10121
23 NYCRR 500 | Regulation or Statute | 9 | 9 | 3
California Consumer Privacy Act of 2018 | Bill or Act | 9 | 1 | 1
CMMC Level 2 | Best Practice Guideline | 9 | 3 | 2
CMMC Level 4 | Best Practice Guideline | 9 | 3 | 0
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 9 | 3 | 3
FedRAMP Security Controls Baseline, 2018 | Audit Guideline | 9 | 1 | 4
NIST SP 800-39 | International or National Standard | 9 | 4 | 1
CMMC Level 1 | Best Practice Guideline | 8 | 3 | 2
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 8 | 2 | 0
Cyber Essentials Scheme (CES) Questionnaire | Best Practice Guideline | 8 | 2 | 0
NIST SP 800-53 R4 | International or National Standard | 8 | 3 | 3
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 | International or National Standard | 8 | 5 | 0
SWIFT Customer Security Controls Framework | Best Practice Guideline | 8 | 0 | 0
Australian Government Information Security Manual Controls | International or National Standard | 7 | 3 | 0
COSO Internal Control - Integrated Framework | Self-Regulatory Body Requirement | 7 | 10 | 2
Financial Services Sector Cybersecurity Profile | International or National Standard | 7 | 1 | 2
HIPAA Electronic Health Record Technology | Regulation or Statute | 7 | 1 | 1
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 7130
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 61374
Cloud Security Alliance CCM V1.3 | Best Practice Guideline | 6 | 5 | 0
COSO ERM | Safe Harbor | 6 | 6 | 3