News

6 new Authority Documents have been added to the UCF

October 26, 2020 | Weekly Updates

APRA Prudential Practice Guide CPG 234 Information Security
AD ID: 3219
Status: Released
Availability: Free
Citation Format: § (Legal) and ¶ (Para)
Document Type: APRA Prudential Practice Guide CPG 234 Information Security
Originator: Australian Prudential Regulation Authority
Parent Category: Australia-Oceania
Effective Date: 2019-06-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 493 citations mapped to 292 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-10-19.

Percent (%) of Citations with multiple mandates: 34.4%

Percent (%) of terms that were non-standard: 7.70% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 5.7% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0.2% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


The Center for Internet Security Kubernetes Level 2 Worker Node Benchmark
AD ID: 3231
Status: Released
Availability: With Membership
Citation Format: ID (Reference ID)
Document Type: The Center for Internet Security Kubernetes Level 2 Worker Node Benchmark
Originator: The Center for Internet Security
Parent Category: International
Effective Date: 2020-07-23
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 55 citations mapped to 25 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-10-20.

Percent (%) of Citations with multiple mandates: 22.2%

Percent (%) of terms that were non-standard: 2.50% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 41.8% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 3.6% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


The Center for Internet Security Docker Level 2 Linux Host OS Benchmark
AD ID: 3233
Status: Released
Availability: With Membership
Citation Format: None
Document Type: The Center for Internet Security Docker Level 2 Linux Host OS Benchmark
Originator: The Center for Internet Security
Parent Category: International
Effective Date: 2019-07-29
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 29 citations mapped to 17 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-10-20.

Percent (%) of Citations with multiple mandates: 3.6%

Percent (%) of terms that were non-standard: 1.60% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 6.9% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 41.4% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


The Center for Internet Security Docker Level 2 Docker Engine Enterprise Benchmark
AD ID: 3234
Status: Released
Availability: With Membership
Citation Format: ID (Reference ID)
Document Type: The Center for Internet Security Docker Level 2 Docker Engine Enterprise Benchmark
Originator: The Center for Internet Security
Parent Category: International
Effective Date: 2019-07-29
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 23 citations mapped to 11 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-10-20.

Percent (%) of Citations with multiple mandates: 4.5%

Percent (%) of terms that were non-standard: 0.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 30.4% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 13% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


The Center for Internet Security Docker Level 2 Docker Linux Benchmark
AD ID: 3235
Status: Released
Availability: With Membership
Citation Format: ID (Reference ID)
Document Type: The Center for Internet Security Docker Level 2 Docker Linux Benchmark
Originator: The Center for Internet Security
Parent Category: International
Effective Date: 2019-07-29
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 112 citations mapped to 94 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-10-20.

Percent (%) of Citations with multiple mandates: 4.8%

Percent (%) of terms that were non-standard: 3.20% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 71.4% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 11.6% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


The Center for Internet Security Kubernetes Level 2 Master Node Benchmark
AD ID: 3239
Status: Released
Availability: With Membership
Citation Format: ID (Reference ID)
Document Type: The Center for Internet Security Kubernetes Level 2 Master Node Benchmark
Originator: The Center for Internet Security
Parent Category: International
Effective Date: 2020-07-23
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 123 citations mapped to 95 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-10-20.

Percent (%) of Citations with multiple mandates: 5.1%

Percent (%) of terms that were non-standard: 1.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 74.8% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 6.5% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


News

6 new Authority Documents have been added to the UCF

April 20, 2020 | Weekly Updates

45 CFR Part 162 - Administrative Requirements
AD ID: 985
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: 45 CFR Part 162 - Administrative Requirements
Originator: US Department of Health and Human Services
Parent Category: North America
Effective Date: 2009-08-24
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 49 citations mapped to 17 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-14.

Percent (%) of Citations with multiple mandates: 2.1%

Percent (%) of terms that were non-standard: 8.40% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 12.3% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 4.1% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 62.5% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 26.5% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


ISO/IEC 19770-1, Information technology -- IT asset management -- Part 1: IT asset management systems -- Requirements
AD ID: 3088
Status: Released
Availability: For Purchase
Citation Format: ¶ (Para and Page) or ID (Reference ID)
Document Type: ISO/IEC 19770-1, Information technology -- IT asset management -- Part 1: IT asset management systems -- Requirements
Originator: International Organization for Standardization
Parent Category: International
Effective Date: 2017-12-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 398 citations mapped to 123 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-13.

Percent (%) of Citations with multiple mandates: 16.7%

Percent (%) of terms that were non-standard: 25.20% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 1.7% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 14.1% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 100% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 3% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


Pipeline Security Guidelines
AD ID: 3135
Status: Released
Availability: Free
Citation Format: § (Legal)
Document Type: Pipeline Security Guidelines
Originator: US Transportation Security Administration
Parent Category: North America
Effective Date: 2018-03-01
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 208 citations mapped to 7 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-13.

Percent (%) of Citations with multiple mandates: 28.6%

Percent (%) of terms that were non-standard: 6.60% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 13.5% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


Cybersecurity Maturity Model Certification
AD ID: 3172
Status: Released
Availability: Free
Citation Format: Control:
Document Type: Cybersecurity Maturity Model Certification
Originator: US Department of Defense
Parent Category: North America
Effective Date: 2020-04-09
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 160 citations mapped to 138 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-13.

Percent (%) of Citations with multiple mandates: 17.8%

Percent (%) of terms that were non-standard: 100.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 2.5% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


Cybersecurity Maturity Model Certification
AD ID: 3173
Status: Released
Availability: Free
Citation Format: Control:
Document Type: Cybersecurity Maturity Model Certification
Originator: US Department of Defense
Parent Category: North America
Effective Date: 2020-04-13
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 96 citations mapped to 85 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-13.

Percent (%) of Citations with multiple mandates: 25.4%

Percent (%) of terms that were non-standard: 100.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 2.1% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.


Cybersecurity Maturity Model Certification
AD ID: 3174
Status: Released
Availability: Free
Citation Format: Control:
Document Type: Cybersecurity Maturity Model Certification
Originator: US Department of Defense
Parent Category: North America
Effective Date: 2020-04-13
Language: eng

Click here to launch this Authority Document in the Common Controls Hub

This Authority Document has 18 citations mapped to 16 UCF Common Control IDs. The document as a whole was last reviewed and released on 2020-04-13.

Percent (%) of Citations with multiple mandates: 5.9%

Percent (%) of terms that were non-standard: 100.00% The number of non-standard terms doesn't affect UCF users as the UCF team have already mapped those terms to standard terms in the Compliance Dictionary.

Percent (%) of terms mapped into the AD's glossary: 0% Primary verbs and nouns not mapped into an AD's glossary can point to the AD's authors not paying attention to the definitions of their terms.

Percent (%) of terms where fewer than 5 other ADs referenced the term: 0% Any term in this category is not very widely used by the rest of the compliance community and therefore will more than likely need to be further investigated for any implications it might bring.

Percent (%) of mandates where only 1 to 5 other ADs mapped to the Common Control: 0% Mandates that aren't widely called for will take longer to implement than mandates that are more familiar.

Number of mandates where 0 other ADs mapped to the Common Control: 0% These mandates are only called for by this AD, making them particularly thorny to implement, as this AD is the "lone wolf" in asking for them to be followed.