Monthly Selected Authority Documents - June, 2022

July 1, 2022

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name | AD Type | Selected Groups Initiatives
ISO 27001-2013 | International or National Standard | 4319217
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 3116915
NIST CSF 1.1 | International or National Standard | 273919
NIST SP 800-53 R5 | International or National Standard | 261411
CIS Controls, V8 | Best Practice Guideline | 2567
ISO/IEC 27701:2019 | International or National Standard | 18178
Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1 | Contractual Obligation | 1844
SOC2 | Safe Harbor | 1800
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 1798
BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 16123
CobiT | Safe Harbor | 161621
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 15199
PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 1502
California Consumer Privacy Act of 2018 | Bill or Act | 1311
hipaa security rule | Regulation or Statute | 1351
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 1285
ISO 27002 | International or National Standard | 1272
ISO/IEC 27002:2022 | International or National Standard | 1203
NIST SP 800-53 | International or National Standard | 12171
ISO 9001:2015 | International or National Standard | 10182
ISO/IEC 27002:2013(E) | International or National Standard | 1014413
PCI DSS Defined Approach Testing Procedures, Version 4.0 | International or National Standard | 1023
HIPAA | Bill or Act | 9105
PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 91507
Red Book (Condensed) | International or National Standard | 9117
Sarbanes-Oxley Act of 2002 | Bill or Act | 924
23 NYCRR 500 | Regulation or Statute | 8103
AICPA Trust Services | Audit Guideline | 861
Cyber Essentials Self-Assessment, Version 13 | Best Practice Guideline | 855
Gramm Leach Bliley | Bill or Act | 801
ISO 31000:2018 | International or National Standard | 8156
NIST SP 800-39 | International or National Standard | 8106
AICPA Privacy | Safe Harbor | 761
Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 700
Cloud Security Alliance CCM V1.3 | Best Practice Guideline | 751
CMMC Level 1, v2.0 | Best Practice Guideline | 755
COSO ERM | Safe Harbor | 7118
HIPAA Electronic Health Record Technology | Regulation or Statute | 721
ISO 27005 R 2011 | International or National Standard | 7178
ISO/IEC 27018:2019 | International or National Standard | 700
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 797
OWASP Top 10 - 2017 | International or National Standard | 785
SSAE No. 16 Reporting on Controls at a Service Organization SOC-1 | Safe Harbor | 793
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 61374
AICPA Trust Services Principles and Criteria | Self-Regulatory Body Requirement | 6101
BSI-Standard 100-2 | International or National Standard | 680
California Consumer Privacy Act of 2018 | Bill or Act | 6391
CIS 20 Critical Security Controls | Best Practice Guideline | 6242
CMMC Level 2, v2.0 | Best Practice Guideline | 655
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 685