Monthly Selected Authority Documents - January, 2017

April 18, 2017 | Weekly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common NameAD TypeSelectedGroupsInitiatives
ISO 27001-2013International or National Standard751912
NIST SP 800-53 R4International or National Standard4344
ISO/IEC 27002:2013(E)International or National Standard4255
PCI DSS Requirements and Security Assessment ProceduresContractual Obligation4130
Sarbanes Oxley SOXRegulation or Statute311611
AICPA Reporting on Controls at a Service Organization SOC-2Safe Harbor2693
HIPAABill or Act26127
NIST SP 800-53 R4 Moderate ImpactInternational or National Standard2554
CobiTSafe Harbor23166
ISO 27002International or National Standard2385
NIST SP 800-53 R4 High ImpactInternational or National Standard2382
Gramm Leach BlileyBill or Act2274
NIST Framework for Improving Critical Infrastructure CybersecurityInternational or National Standard2097
PCI DSS 3.1Contractual Obligation1922
FFIEC Information SecurityBest Practice Guideline1753
HIPAA Electronic Health Record TechnologyRegulation or Statute1741
NIST SP 800-53 R4 Low ImpactInternational or National Standard1742
Authentication in an Internet Banking EnvironmentBest Practice Guideline1630
FFIEC Business Continuity PlanningBest Practice Guideline1530
FFIEC E BankingBest Practice Guideline1530
HITECH title within the American Recovery and Reinvestment Act of 2009Bill or Act1552
NIST SP 800-171International or National Standard1521
45 CFR Part 164Regulation or Statute1484
FFIEC ManagementBest Practice Guideline1430
FFIEC Outsourcing Technology ServicesBest Practice Guideline1441
FFIEC Supervision of Technology Service ProvidersBest Practice Guideline1441
SSAE No. 16 Reporting on Controls at a Service Organization SOC-1Safe Harbor1453
FFIEC AuditBest Practice Guideline1330
ISO 27005 R 2011International or National Standard1375
ITIL Service SupportBest Practice Guideline1333
NIST SP 800 66Safe Harbor1396
Basel IIRegulation or Statute1211
CSIS 20 Critical Security ControlsBest Practice Guideline1273
FedRAMP Baseline Security ControlsAudit Guideline1283
FFIEC Development AcquisitionBest Practice Guideline1230
FFIEC OperationsBest Practice Guideline1230
FFIEC Retail Payment SystemsBest Practice Guideline1230
ISO 20000-1 2nd EdInternational or National Standard1263
ITIL Security ManagementBest Practice Guideline1253
FFIEC Wholesale Payment SystemsBest Practice Guideline1130
HIPAA HCFABest Practice Guideline1172
ISO 31000 R 2009International or National Standard11103
NIST SP 800-53International or National Standard1153
Canada Personal Information Protection Electronic Documents ActRegulation or Statute1042
CIS 20 Critical Security ControlsBest Practice Guideline1000
Departmental Information Risk PolicySafe Harbor1055
ISO 20000-2 R 2005International or National Standard1063
UK Data Protection Act of 1998Regulation or Statute10105
AICPA Trust ServicesAudit Guideline942
BSI-Standard 100-2International or National Standard930