News

4 new Authority Documents have been added to the UCF

February 15, 2021 | Weekly Updates

Department of Defense Cloud Computing Security Requirements Guide
AD ID: 3048
Status: Released
Availability: Free
Citation Format: ¶ (Numbered Paragraphs)
Document Type: Department of Defense Cloud Computing Security Requirements Guide
Originator: US Department of Defense
Parent Category: North America
Effective Date: 2017-03-06
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 1003 citations mapped to 290 UCF Common Control IDs. The document as a whole was last reviewed and released on 2021-02-09.

Percent (%) of Citations with multiple mandates: 14.9%

Percent (%) of terms that were non-standard: 14.30% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 3% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 8.8% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 57.1% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0.1% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53
AD ID: 3241
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53
Originator: US National Institute of Standards and Technology
Parent Category: North America
Effective Date: 2020-09-23
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 3797 citations mapped to 1322 UCF Common Control IDs. The document as a whole was last reviewed and released on 2021-02-12.

Percent (%) of Citations with multiple mandates: 10%

Percent (%) of terms that were non-standard: 10.10% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 7.6% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 6.6% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 26.9% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 1% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


Trust Services Criteria
AD ID: 3288
Status: Released
Availability: For Purchase
Citation Format: ¶ (Numbered Paragraphs)
Document Type: Trust Services Criteria
Originator: American Institute of Certified Public Accountants
Parent Category: North America
Effective Date: 2020-03-31
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 716 citations mapped to 402 UCF Common Control IDs. The document as a whole was last reviewed and released on 2021-02-12.

Percent (%) of Citations with multiple mandates: 20.7%

Percent (%) of terms that were non-standard: 84.40% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 8.9% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


United States Code - 15 U.S.C. 278g-3a to 278g-3e, IoT Cybersecurity Improvement Act of 2020
AD ID: 3289
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: United States Code - 15 U.S.C. 278g-3a to 278g-3e, IoT Cybersecurity Improvement Act of 2020
Originator: US Congress
Parent Category: North America
Effective Date: Not Defined
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 27 citations mapped to 6 UCF Common Control IDs. The document as a whole was last reviewed and released on 2021-02-11.

Percent (%) of Citations with multiple mandates: 3.8%

Percent (%) of terms that were non-standard: 7.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 3% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 0% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.