Monthly Selected Authority Documents - June, 2023

July 5, 2023

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name | AD Type | Selected Groups Initiatives
NIST SP 800-53 R5 | International or National Standard | 322615
ISO/IEC 27001:2022 | International or National Standard | 2753
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 2618318
ISO 27001-2013 | International or National Standard | 2421321
NIST CSF 1.1 | International or National Standard | 235722
PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 2183
CIS Controls, V8 | Best Practice Guideline | 1998
ISO/IEC 27002:2022 | International or National Standard | 1935
CobiT | Safe Harbor | 171671
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 1695
Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 1530
PCI DSS v3.2.1 | Contractual Obligation | 1584
ISO/IEC 27701:2019 | International or National Standard | 14188
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 14128
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 121446
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 12108
NIST SP 800-53 R4 | International or National Standard | 1153
SWIFT Customer Security Controls Framework | Best Practice Guideline | 1100
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 1095
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 1063
NIST Privacy Framework | International or National Standard | 10157
NIST SP 800-161 r1 | International or National Standard | 1010
23 NYCRR 500 | Regulation or Statute | 9264
California Privacy Rights Act (CPRA) | Bill or Act | 931
CMMC Level 2, v2.0 | Best Practice Guideline | 976
Gramm Leach Bliley | Bill or Act | 930
HIPAA | Bill or Act | 9104
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 9190
ISO 27002 | International or National Standard | 984
ISO/IEC 27002:2013(E) | International or National Standard | 914413
NIST SP 800-37r2 | International or National Standard | 9135
NIST SP 800-53 | International or National Standard | 9171
Sarbanes-Oxley Act of 2002 | Bill or Act | 956
NIST SP 800-39 | International or National Standard | 8196
Trust Services Criteria (with Revised Points of Focus - 2022) | Self-Regulatory Body Requirement | 800
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy | Self-Regulatory Body Requirement | 842
California Consumer Privacy Act of 2018 | Bill or Act | 7441
CMMC Level 1, v2.0 | Best Practice Guideline | 765
COSO Internal Control - Integrated Framework | Self-Regulatory Body Requirement | 7237
EBA/GL/2019/04 | Regulation or Statute | 7210
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 72110
Massachusetts 201 CMR 17.00 Standards for The Protection of Personal Information of Residents of the Commonwealth of Massachusetts | Regulation or Statute | 731
NIST SP 800-61 | International or National Standard | 7249
PCI DSS Defined Approach Testing Procedures, Version 4.0 | International or National Standard | 764
APRA CPS 234 | Regulation or Statute | 6120
Australian Government Information Security Manual 2021 | International or National Standard | 630
Australian Government Information Security Manual Controls | International or National Standard | 630
COBIT 2019 | Safe Harbor | 652
Code of Alabama, Sections 13A-8-190 thru 13A-8-201 | Regulation or Statute | 632
Consumer Data Protection Act | Bill or Act | 600