News

Categories

4 new Authority Documents have been added to the UCF

April 13, 2020 | Weekly Updates

FFIEC Business Continuity Planning (BCP) IT Examination Handbook
AD ID: 3105
Status: Released
Availability: Free
Citation Format: Rule (Defined Rules)
Document Type: FFIEC Business Continuity Planning (BCP) IT Examination Handbook
Originator: US Federal Financial Institutions Examination Council (FFIEC)
Parent Category: North America
Effective Date: 2019-11-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 758 citations mapped to 287 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-08.

Percent (%) of Citations with multiple mandates: 23.7%

Percent (%) of terms that were non-standard: 11.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0.1% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 29.2% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 100% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 1.2% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Hong Kong Monetary Authority Supervisory Policy Manual SA-2 Outsourcing
AD ID: 3151
Status: Released
Availability: Free
Citation Format: ¶ (Para and Page) with Section Titles
Document Type: Hong Kong Monetary Authority Supervisory Policy Manual SA-2 Outsourcing
Originator: Hong Kong Monetary Authority
Parent Category: Asia
Effective Date: 2001-12-28
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 81 citations mapped to 0 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-10.

Percent (%) of Citations with multiple mandates: 33.3%

Percent (%) of terms that were non-standard: 9.80% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 18.5% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 1.2% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Pandemic Response Planning Policy
AD ID: 3160
Status: Released
Availability: Free
Citation Format: ¶ (Para and Page) with Section Titles
Document Type: Pandemic Response Planning Policy
Originator: SANS Institute
Parent Category: Security and Privacy Organizations
Effective Date: 2020-03-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 51 citations mapped to 28 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-06.

Percent (%) of Citations with multiple mandates: 11.4%

Percent (%) of terms that were non-standard: 16.80% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 23.5% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 33.3% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Cybersecurity Maturity Model Certification
AD ID: 3166
Status: Released
Availability: Free
Citation Format: Control:
Document Type: Cybersecurity Maturity Model Certification
Originator: US Department of Defense
Parent Category: North America
Effective Date: 2020-04-07
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 199 citations mapped to 0 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-08.

Percent (%) of Citations with multiple mandates: 20.5%

Percent (%) of terms that were non-standard: 100.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 6.5% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

News

Categories

4 new Authority Documents have been added to the UCF

June 24, 2019 | Weekly Updates

Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53
AD ID: 1374
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53
Originator: US National Institute of Standards and Technology
Parent Category: North America
Effective Date: 2013-04-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 2345 citations mapped to 741 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-06-18.

Percent (%) of Citations with multiple mandates: 1%

Percent (%) of terms that were non-standard: 9.50% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 7.8% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 2.3% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline
AD ID: 1913
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline
Originator: US National Institute of Standards and Technology
Parent Category: North America
Effective Date: 2013-04-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 762 citations mapped to 255 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-06-18.

Percent (%) of Citations with multiple mandates: 1.3%

Percent (%) of terms that were non-standard: 100.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 2.4% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline
AD ID: 1914
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline
Originator: US National Institute of Standards and Technology
Parent Category: North America
Effective Date: 2013-04-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 1069 citations mapped to 376 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-06-18.

Percent (%) of Citations with multiple mandates: 1.1%

Percent (%) of terms that were non-standard: 100.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 3.4% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline
AD ID: 1915
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline
Originator: US National Institute of Standards and Technology
Parent Category: North America
Effective Date: 2013-04-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 1249 citations mapped to 429 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-06-18.

Percent (%) of Citations with multiple mandates: 1.1%

Percent (%) of terms that were non-standard: 100.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 4.2% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

News

Categories

4 new Authority Documents have been added to the UCF

March 4, 2019 | Weekly Updates

Digital Identity Guidelines: Federation and Assertions
AD ID: 2953
Status: Released
Availability: Free
Citation Format: ¶ (Numbered Paragraphs)
Document Type: Digital Identity Guidelines: Federation and Assertions
Originator: US National Institute of Standards and Technology
Parent Category: North America
Effective Date: 2017-06-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 224 citations mapped to 82 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-02-27.

Percent (%) of Citations with multiple mandates: 13.3%

Percent (%) of terms that were non-standard: 6.80% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 4.7% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 8% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 90% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 20.5% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Colorado Code of Regulations, Section 702-6, Consumer Protection (General)
AD ID: 2975
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Colorado Code of Regulations, Section 702-6, Consumer Protection (General)
Originator: Colorado Department of Regulatory Agencies
Parent Category: North America
Effective Date: 2015-10-15
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 309 citations mapped to 60 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-02-25.

Percent (%) of Citations with multiple mandates: 10.1%

Percent (%) of terms that were non-standard: 18.30% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 43.7% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 1.9% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Colorado Revised Statutes, Title 6, Consumer and Commercial Affairs, Fair Trade and Restraint of Trade, Article 1, Colorado Consumer Protection Act
AD ID: 2977
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Colorado Revised Statutes, Title 6, Consumer and Commercial Affairs, Fair Trade and Restraint of Trade, Article 1, Colorado Consumer Protection Act
Originator: Colorado State Legislature
Parent Category: North America
Effective Date: Not Defined
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 118 citations mapped to 45 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-02-28.

Percent (%) of Citations with multiple mandates: 6.4%

Percent (%) of terms that were non-standard: 45.90% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 5.1% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 1.7% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.

Financial Services Sector Cybersecurity Profile
AD ID: 2980
Status: Released
Availability: Free
Citation Format: None
Document Type: Financial Services Sector Cybersecurity Profile
Originator: Financial Services Sector Coordinating Council
Parent Category: North America
Effective Date: 2018-10-25
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 700 citations mapped to 336 UCF Common Control IDs. The document as a whole was last reviewed and released on 2019-02-25.

Percent (%) of Citations with multiple mandates: 30.8%

Percent (%) of terms that were non-standard: 13.50% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0.4% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 20.4% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 33.3% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 1.9% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.