Monthly Selected Authority Documents - February, 2023

March 8, 2023

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

 

| AD Common Name | AD Type | Selected, Groups, Initiatives |
| --- | --- | --- |
| ISO/IEC 27001:2022 | International or National Standard | 4011 |
| NIST SP 800-53 R5 | International or National Standard | 402412 |
| NIST CSF 1.1 | International or National Standard | 364720 |
| ISO/IEC 27002:2022 | International or National Standard | 3124 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 2717516 |
| CIS Controls, V8 | Best Practice Guideline | 2598 |
| ISO/IEC 27701:2019 | International or National Standard | 20188 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 20118 |
| PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 2083 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 181444 |
| California Privacy Rights Act (CPRA) | Bill or Act | 1721 |
| ISO 27001-2013 | International or National Standard | 1720317 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 15209 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 14108 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 1445 |
| Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 1330 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 1363 |
| FedRAMP Baseline Security Controls | Audit Guideline | 131290 |
| hipaa security rule | Regulation or Statute | 1351 |
| NIST SP 800-53 R4 | International or National Standard | 1353 |
| 23 NYCRR 500 | Regulation or Statute | 12173 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 1295 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 1295 |
| Gramm Leach Bliley | Bill or Act | 1230 |
| HIPAA HCFA | Best Practice Guideline | 1232 |
| TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy | Self-Regulatory Body Requirement | 1242 |
| CobiT | Safe Harbor | 111671 |
| NIST Privacy Framework | International or National Standard | 11157 |
| NIST SP 800-39 | International or National Standard | 11116 |
| NIST SP 800-53 | International or National Standard | 11182 |
| PCI DSS Defined Approach Testing Procedures, Version 4.0 | International or National Standard | 1164 |
| PCI DSS v3.2.1 | Contractual Obligation | 1184 |
| SOC2 | Safe Harbor | 1150 |
| APRA CPS 234 | Regulation or Statute | 1040 |
| CMMC Level 2, v2.0 | Best Practice Guideline | 1076 |
| ITIL Foundation 4 | Best Practice Guideline | 1000 |
| NIST SP 800-171 | International or National Standard | 1031 |
| CIS Controls, V7.1 | Best Practice Guideline | 962 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 921 |
| ISO/IEC 27018:2019 | International or National Standard | 900 |
| NIST SP 800-37r2 | International or National Standard | 9135 |
| Australia Privacy Amendment Act | Regulation or Statute | 8120 |
| BSI-Standard 100-2 | International or National Standard | 890 |
| FedRAMP Security Controls Baseline, 2018 | Audit Guideline | 814 |
| HIPAA | Bill or Act | 8104 |
| Insurance Data Security Model Law, NAIC MDL-668 | Best Practice Guideline | 832 |
| California Consumer Privacy Act of 2018 | Bill or Act | 7441 |
| ISO 27002 | International or National Standard | 793 |
| NIST SP 800 66 | Safe Harbor | 7322 |
| SSAE 18 | Safe Harbor | 773 |