News

Monthly Selected Authority Documents - April, 2022

May 1, 2022 | Monthly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common NameAD TypeSelectedGroupsInitiatives
NIST CSF 1.1International or National Standard533616
ISO 27001-2013International or National Standard4918914
NIST SP 800-53 R5International or National Standard31118
EU General Data Protection Regulation (GDPR)Regulation or Statute2916612
CIS Controls, V8Best Practice Guideline2423
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020International or National Standard2452
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and OrganizationsInternational or National Standard1964
Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1Contractual Obligation1644
PCI DSS Requirements and Security Assessment ProceduresContractual Obligation161496
ISO/IEC 27701:2019International or National Standard15145
CobiTSafe Harbor141621
ISO/IEC 27017:2015(E)Self-Regulatory Body Requirement14166
ISO/IEC 27002:2013(E)International or National Standard1314110
ISO/IEC 27002:2022International or National Standard1303
Cloud Controls Matrix, v4.0Self-Regulatory Body Requirement1200
CMMC Level 2, v2.0Best Practice Guideline1222
NIST SP 800-53 R4International or National Standard1243
23 NYCRR 500Regulation or Statute1193
NIST SP 800-39International or National Standard1173
Sarbanes-Oxley Act of 2002Bill or Act1124
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and PrivacySelf-Regulatory Body Requirement1142
45 CFR Part 164Regulation or Statute1084
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020International or National Standard1065
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020International or National Standard1053
NIST Privacy FrameworkInternational or National Standard10114
NIST SP 800-30International or National Standard10158
NIST SP 800-37r2International or National Standard10104
NIST SP 800-53International or National Standard10171
CIS Controls V7Best Practice Guideline9252
hipaa security ruleRegulation or Statute951
ISO 9001:2015International or National Standard9182
NIST 800-53AInternational or National Standard9104
OWASP Top 10 - 2017International or National Standard952
BSI Cloud Computing Compliance Controls Catalogue (C5)Best Practice Guideline8112
California Consumer Privacy Act of 2018Bill or Act811
CMMC Level 1, v2.0Best Practice Guideline822
FFIEC Information Technology Examination Handbook - Business Continuity ManagementAudit Guideline8122
Gramm Leach BlileyBill or Act801
ISO 22301- Societal Security - Business Continuity Management Systems - RequirementsInternational or National Standard8130
NIST SP 800 66Safe Harbor8261
SOC2Safe Harbor800
COBIT 2019Safe Harbor752
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020International or National Standard752
COSO Internal Control - Integrated FrameworkSelf-Regulatory Body Requirement7124
HIPAA Electronic Health Record TechnologyRegulation or Statute745
NIST CSF 1.0International or National Standard7112
NIST SP 800-122International or National Standard795
NIST SP 800-53 R4 High Impact, DeprecatedInternational or National Standard71684
NIST SP 800-53 R4 Low Impact, DeprecatedInternational or National Standard7795
NIST SP 800-53 R4 Moderate Impact, DeprecatedInternational or National Standard7805