Monthly Selected Authority Documents - March, 2022

April 1, 2022

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected, Groups, Initiatives |
|---|---|---|
| ISO 27001-2013 | International or National Standard | 3518913 |
| NIST CSF 1.1 | International or National Standard | 263615 |
| NIST SP 800-53 R5 | International or National Standard | 25117 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 2316612 |
| CIS Controls, V8 | Best Practice Guideline | 1923 |
| 45 CFR Part 160 | Regulation or Statute | 1644 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 1652 |
| CobiT | Safe Harbor | 151621 |
| Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1 | Contractual Obligation | 1543 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 1423 |
| Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 1200 |
| PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 121496 |
| California Consumer Privacy Act of 2018 | Bill or Act | 1111 |
| ISO/IEC 27701:2019 | International or National Standard | 11145 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 1164 |
| NIST SP 800-37r2 | International or National Standard | 11104 |
| TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy | Self-Regulatory Body Requirement | 1142 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 101374 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 1065 |
| ISO 27002 | International or National Standard | 1072 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 10166 |
| NIST SP 800-53 R4 | International or National Standard | 1043 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 953 |
| Federal Information Security Management Act FISMA | Regulation or Statute | 941 |
| Gramm Leach Bliley | Bill or Act | 901 |
| ISO/IEC 27018:2014 | International or National Standard | 9152 |
| NIST SP 800-39 | International or National Standard | 973 |
| FedRAMP Baseline Security Controls | Audit Guideline | 81240 |
| FFIEC IT Examination Handbook | Audit Guideline | 8122 |
| ISO/IEC 27002:2013(E) | International or National Standard | 81419 |
| SOC2 | Safe Harbor | 800 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 7112 |
| CIS Controls, V7.1 | Best Practice Guideline | 762 |
| Cloud Security Alliance CCM V1.3 | Best Practice Guideline | 750 |
| CMMC Level 3 | Best Practice Guideline | 743 |
| COBIT 2019 | Safe Harbor | 752 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 752 |
| COSO Internal Control - Integrated Framework | Self-Regulatory Body Requirement | 7124 |
| FFIEC IT Examination Handbook Architecture, Infrastructure, and Operations 2021 | Audit Guideline | 700 |
| NIST CSF 1.0 | International or National Standard | 7112 |
| NIST SP 800 66 | Safe Harbor | 7261 |
| NIST SP 800-171 | International or National Standard | 731 |
| NIST SP 800-34 | International or National Standard | 791 |
| PCI SAQ A v3.2 | Contractual Obligation | 785 |
| FFIEC Information Technology Examination Handbook - Business Continuity Management | Audit Guideline | 6122 |
| HIPAA | Bill or Act | 6105 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 621 |
| hipaa security rule | Regulation or Statute | 651 |
| Information Supplement: PCI DSS Wireless Guidelines | Best Practice Guideline | 630 |
| ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 6130 |