News

Monthly Selected Authority Documents - March, 2022

April 1, 2022

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name	AD Type	Selected	Groups	Initiatives
ISO 27001-2013	International or National Standard	35	189	13
NIST CSF 1.1	International or National Standard	26	36	15
NIST SP 800-53 R5	International or National Standard	25	11	7
EU General Data Protection Regulation (GDPR)	Regulation or Statute	23	166	12
CIS Controls, V8	Best Practice Guideline	19	2	3
45 CFR Part 160	Regulation or Statute	16	4	4
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020	International or National Standard	16	5	2
CobiT	Safe Harbor	15	162	1
Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1	Contractual Obligation	15	4	3
Sarbanes-Oxley Act of 2002	Bill or Act	14	2	3
Cloud Controls Matrix, v4.0	Self-Regulatory Body Requirement	12	0	0
PCI DSS Requirements and Security Assessment Procedures	Contractual Obligation	12	149	6
California Consumer Privacy Act of 2018	Bill or Act	11	1	1
ISO/IEC 27701:2019	International or National Standard	11	14	5
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations	International or National Standard	11	6	4
NIST SP 800-37r2	International or National Standard	11	10	4
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy	Self-Regulatory Body Requirement	11	4	2
AICPA Reporting on Controls at a Service Organization SOC-2	Safe Harbor	10	137	4
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020	International or National Standard	10	6	5
ISO 27002	International or National Standard	10	7	2
ISO/IEC 27017:2015(E)	Self-Regulatory Body Requirement	10	16	6
NIST SP 800-53 R4	International or National Standard	10	4	3
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020	International or National Standard	9	5	3
Federal Information Security Management Act FISMA	Regulation or Statute	9	4	1
Gramm Leach Bliley	Bill or Act	9	0	1
ISO/IEC 27018:2014	International or National Standard	9	15	2
NIST SP 800-39	International or National Standard	9	7	3
FedRAMP Baseline Security Controls	Audit Guideline	8	124	0
FFIEC IT Examination Handbook	Audit Guideline	8	12	2
ISO/IEC 27002:2013(E)	International or National Standard	8	141	9
SOC2	Safe Harbor	8	0	0
BSI Cloud Computing Compliance Controls Catalogue (C5)	Best Practice Guideline	7	11	2
CIS Controls, V7.1	Best Practice Guideline	7	6	2
Cloud Security Alliance CCM V1.3	Best Practice Guideline	7	5	0
CMMC Level 3	Best Practice Guideline	7	4	3
COBIT 2019	Safe Harbor	7	5	2
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020	International or National Standard	7	5	2
COSO Internal Control - Integrated Framework	Self-Regulatory Body Requirement	7	12	4
FFIEC IT Examination Handbook Architecture, Infrastructure, and Operations 2021	Audit Guideline	7	0	0
NIST CSF 1.0	International or National Standard	7	11	2
NIST SP 800 66	Safe Harbor	7	26	1
NIST SP 800-171	International or National Standard	7	3	1
NIST SP 800-34	International or National Standard	7	9	1
PCI SAQ A v3.2	Contractual Obligation	7	8	5
FFIEC Information Technology Examination Handbook - Business Continuity Management	Audit Guideline	6	12	2
HIPAA	Bill or Act	6	10	5
HIPAA Electronic Health Record Technology	Regulation or Statute	6	2	1
hipaa security rule	Regulation or Statute	6	5	1
Information Supplement: PCI DSS Wireless Guidelines	Best Practice Guideline	6	3	0
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements	International or National Standard	6	13	0