Monthly Selected Authority Documents - October, 2023

November 1, 2023 | Monthly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common NameAD TypeSelectedGroupsInitiatives
NIST SP 800-53 R5International or National Standard322615
ISO/IEC 27002:2022International or National Standard2988
ISO/IEC 27001:2022International or National Standard2383
NIST CSF 1.1International or National Standard215922
PCI DSS Defined Approach Requirements, Version 4.0International or National Standard2183
CIS Controls, V8Best Practice Guideline19129
EU General Data Protection Regulation (GDPR)Regulation or Statute1918519
hipaa security ruleRegulation or Statute1751
Cloud Controls Matrix, v4.0Self-Regulatory Body Requirement1640
Sarbanes-Oxley Act of 2002Bill or Act1456
ISO/IEC 27701:2019International or National Standard13188
SOC2Safe Harbor1350
NIST SP 800-53International or National Standard11171
CobiTSafe Harbor101671
ISO 27001-2013International or National Standard1021421
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and OrganizationsInternational or National Standard10148
Gramm Leach BlileyBill or Act930
ISO 27002International or National Standard984
PCI DSS Defined Approach Testing Procedures, Version 4.0International or National Standard964
PCI DSS v3.2.1Contractual Obligation984
HIPAABill or Act8104
NIST SP 800-37r2International or National Standard8135
PCI DSS Wireless GuidelineSafe Harbor880
23 NYCRR 500Regulation or Statute7275
COBIT 2019Safe Harbor752
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020International or National Standard7105
HIPAA Electronic Health Record TechnologyRegulation or Statute721
IEC 62443-3-3: Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levelsInternational or National Standard732
ISO 27005 R 2011International or National Standard7258
NIST AI 100-1Best Practice Guideline700
NIST CSF 1.0International or National Standard7122
NIST Privacy FrameworkInternational or National Standard7157
NIST SP 800 66Safe Harbor7311
NIST SP 800-171International or National Standard742
Trust Services Criteria (with Revised Points of Focus - 2022)Self-Regulatory Body Requirement743
AICPA Reporting on Controls at a Service Organization SOC-2Safe Harbor61446
California Consumer Privacy Act of 2018Bill or Act6452
California Privacy Rights Act (CPRA)Bill or Act642
CMMC Level 2, v2.0Best Practice Guideline696
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020International or National Standard663
IRS Pub 1075International or National Standard631
NIST 800-53AInternational or National Standard6137
PCI DSS v4.0 SAQ B-IPContractual Obligation612
PCI DSS v4.0 SAQ CContractual Obligation610
BSI Cloud Computing Compliance Controls Catalogue (C5)Best Practice Guideline5184
COBIT 5 Enabling Processes: BasicsSafe Harbor5543
Cyber Assurance FrameworkBest Practice Guideline500
HIPAA Electronic Health Record TechnologyRegulation or Statute555
IEC 62443-4-2International or National Standard532
ISO/IEC 27002:2013(E)International or National Standard514715