Monthly Selected Authority Documents - November, 2023

December 1, 2023

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected / Groups / Initiatives |
|---|---|---|
| NIST SP 800-53 R5 | International or National Standard | 422717 |
| ISO/IEC 27001:2022 | International or National Standard | 40104 |
| NIST CSF 1.1 | International or National Standard | 406123 |
| PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 3184 |
| CIS Controls, V8 | Best Practice Guideline | 26139 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 2618519 |
| ISO 27001-2013 | International or National Standard | 2621622 |
| ISO/IEC 27002:2022 | International or National Standard | 261010 |
| Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 1650 |
| hipaa security rule | Regulation or Statute | 1651 |
| ISO/IEC 27701:2019 | International or National Standard | 16189 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 151447 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 15158 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 1465 |
| Digital Operational Resilience Act | Regulations | 1300 |
| NIST SP 800-53 | International or National Standard | 13171 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 12184 |
| CobiT | Safe Harbor | 121671 |
| California Privacy Rights Act (CPRA) | Bill or Act | 1142 |
| Cyber Assurance Framework | Best Practice Guideline | 1111 |
| Gramm Leach Bliley | Bill or Act | 1130 |
| HIPAA | Bill or Act | 11104 |
| ISO 27002 | International or National Standard | 1184 |
| ISO/IEC 27002:2013(E) | International or National Standard | 1114816 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 112311 |
| ITIL Foundation 4 | Best Practice Guideline | 1101 |
| NIST AI 100-1 | Best Practice Guideline | 1110 |
| NIST Privacy Framework | International or National Standard | 11157 |
| PCI DSS Defined Approach Testing Procedures, Version 4.0 | International or National Standard | 1165 |
| ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 10191 |
| ISO/IEC 27018:2019 | International or National Standard | 1032 |
| SOC2 | Safe Harbor | 1050 |
| SSAE No. 16 Reporting on Controls at a Service Organization SOC-1 | Safe Harbor | 1093 |
| 23 NYCRR 500 | Regulation or Statute | 9275 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 921 |
| NIST SP 800-53 Revision 5.1.1 | International or National Standard | 900 |
| PCI DSS v3.2.1 | Contractual Obligation | 984 |
| Red Book (Condensed) | International or National Standard | 9147 |
| CMMC Level 2, v2.0 | Best Practice Guideline | 8106 |
| ISO 22301:2019(E) | International or National Standard | 812 |
| NIST SP 800-63C | International or National Standard | 862 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 856 |
| TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy | Self-Regulatory Body Requirement | 862 |
| California Consumer Privacy Act of 2018 | Bill or Act | 7452 |
| CMMC Level 1, v2.0 | Best Practice Guideline | 785 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 7115 |
| Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 763 |
| NIST CSF 1.0 | International or National Standard | 7122 |
| NIST SP 800-39 | International or National Standard | 7196 |
| NIST SP 800-53 R4 | International or National Standard | 753 |