News

Monthly Selected Authority Documents - August, 2023

September 1, 2023

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name | AD Type | Selected, Groups, Initiatives
ISO/IEC 27001:2022 | International or National Standard | 2963
NIST SP 800-53 R5 | International or National Standard | 262615
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 1918418
PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 1883
NIST CSF 1.1 | International or National Standard | 165722
CIS Controls, V8 | Best Practice Guideline | 15119
ISO/IEC 27701:2019 | International or National Standard | 15188
ISO 27001-2013 | International or National Standard | 1421321
ISO/IEC 27018:2019 | International or National Standard | 1411
NIST SP 800-53 | International or National Standard | 14171
Sarbanes-Oxley Act of 2002 | Bill or Act | 1356
BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 11184
California Consumer Privacy Act of 2018 | Bill or Act | 11441
hipaa security rule | Regulation or Statute | 1051
ISO 27002 | International or National Standard | 1084
PCI DSS Defined Approach Testing Procedures, Version 4.0 | International or National Standard | 1064
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 91446
HIPAA | Bill or Act | 9104
ISO/IEC 27002:2022 | International or National Standard | 935
California Privacy Rights Act (CPRA) | Bill or Act | 831
CobiT | Safe Harbor | 71671
ISO 9001:2015 | International or National Standard | 7193
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 72110
NIST SP 800-171 | International or National Standard | 742
23 NYCRR 500 | Regulation or Statute | 6275
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 695
ISO 22301:2019(E) | International or National Standard | 611
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 6138
Red Book (Condensed) | International or National Standard | 6147
SOC2 | Safe Harbor | 650
Trust Services Criteria (with Revised Points of Focus - 2022) | Self-Regulatory Body Requirement | 600
AICPA Trust Services | Audit Guideline | 561
Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 530
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 563
Cyber Assurance Framework | Best Practice Guideline | 500
FedRAMP Version 5 Moderate Baseline | Audit Guideline | 500
National Cybersecurity Strategy (Condensed) | Regulation or Statute | 500
NIST SP 800-53 R4 | International or National Standard | 553
California's Internet Privacy Requirements | Bill or Act | 441
CIS Amazon Web Services Foundations, Benchmark v1.4.0, Level 1 | Best Practice Guideline | 400
COBIT 2019 | Safe Harbor | 452
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 4108
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 495
EudraLex Rules Governing Medicinal Products in the European Union Annex 11 Computerised Systems | Best Practice Guideline | 451
FFIEC CAT | Best Practice Guideline | 4231
FFIEC Information Technology Examination Handbook - Business Continuity Management | Audit Guideline | 4205
Gramm Leach Bliley | Bill or Act | 430
HIPAA Electronic Health Record Technology | Regulation or Statute | 445
HIPAA HCFA | Best Practice Guideline | 432
ISO 20000-1 2nd Ed | International or National Standard | 4290