News

Monthly Selected Authority Documents - July, 2022

August 1, 2022

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected / Groups / Initiatives |
|---|---|---|
| ISO 27001-2013 | International or National Standard | 2419217 |
| NIST CSF 1.1 | International or National Standard | 244019 |
| NIST SP 800-53 R5 | International or National Standard | 221511 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 1916915 |
| CIS Controls, V8 | Best Practice Guideline | 1877 |
| Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 1610 |
| CobiT | Safe Harbor | 151621 |
| ISO/IEC 27002:2022 | International or National Standard | 1403 |
| Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1 | Contractual Obligation | 1444 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 1424 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 13199 |
| PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 1302 |
| NIST SP 800-39 | International or National Standard | 12106 |
| SOC2 | Safe Harbor | 1200 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 1185 |
| hipaa security rule | Regulation or Statute | 1151 |
| ISO 27002 | International or National Standard | 1172 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 1085 |
| ISO/IEC 27018:2014 | International or National Standard | 10152 |
| ISO/IEC 27701:2019 | International or National Standard | 10178 |
| NIST Privacy Framework | International or National Standard | 10147 |
| 23 NYCRR 500 | Regulation or Statute | 9113 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 998 |
| HIPAA | Bill or Act | 9105 |
| ISO 9001:2015 | International or National Standard | 9182 |
| ISO/IEC 27002:2013(E) | International or National Standard | 914413 |
| ISO/IEC 27018:2019 | International or National Standard | 900 |
| NIST SP 800-53 | International or National Standard | 9171 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 81374 |
| California Consumer Privacy Act of 2018 | Bill or Act | 821 |
| ISO 22301:2019(E) | International or National Standard | 800 |
| ITIL Foundation 4 | Best Practice Guideline | 800 |
| SWIFT Customer Security Controls Framework | Best Practice Guideline | 800 |
| TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy | Self-Regulatory Body Requirement | 842 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 753 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 745 |
| ISO 27005 R 2011 | International or National Standard | 7178 |
| ISO/IEC 20000-1:2018 | International or National Standard | 770 |
| NIST SP 800-37r2 | International or National Standard | 7104 |
| NIST SP 800-61 | International or National Standard | 7169 |
| OWASP Top 10 - 2017 | International or National Standard | 795 |
| SSAE No. 16 Reporting on Controls at a Service Organization SOC-1 | Safe Harbor | 793 |
| APRA CPS 234 | Regulation or Statute | 630 |
| Brazilian General Data Protection Law (LGPD) | Bill or Act | 630 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 6123 |
| California Consumer Privacy Act of 2018 | Bill or Act | 6391 |
| CRI Profile v1.2 | Best Practice Guideline | 600 |
| FedRAMP Baseline Security Controls | Audit Guideline | 61240 |
| FFIEC CAT | Best Practice Guideline | 6101 |
| FFIEC IT Examination Handbook | Audit Guideline | 6122 |