Monthly Selected Authority Documents - July, 2020

August 1, 2020 | Monthly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected, Groups, Initiatives |
|---|---|---|
| ISO 27001-2013 | International or National Standard | 491597 |
| NIST SP 800-53 R4 | International or National Standard | 341207 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 311406 |
| NIST CSF 1.1 | International or National Standard | 31254 |
| NIST SP 800-53 R4 Moderate Impact | International or National Standard | 29595 |
| NIST SP 800-53 R4 High Impact | International or National Standard | 271494 |
| PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 241342 |
| HIPAA | Bill or Act | 23831 |
| NIST SP 800-53 R4 Low Impact | International or National Standard | 21584 |
| CIS Controls V7 | Best Practice Guideline | 19181 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 1743 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 161142 |
| California Consumer Privacy Act of 2018 | Bill or Act | 16260 |
| CobiT | Safe Harbor | 161401 |
| FedRAMP Baseline Security Controls | Audit Guideline | 151030 |
| Sarbanes Oxley SOX | Regulation or Statute | 151281 |
| ISO/IEC 27701:2019 | International or National Standard | 1270 |
| Cloud Controls Matrix, Version 3.0 | Self-Regulatory Body Requirement | 11100 |
| ISO 27002 | International or National Standard | 1121 |
| NIST CSF 1.0 | International or National Standard | 11111 |
| NIST SP 800 66 | Safe Harbor | 11110 |
| NIST SP 800-53 | International or National Standard | 11100 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 1020 |
| Gramm Leach Bliley | Bill or Act | 1070 |
| ITIL Security Management | Best Practice Guideline | 1000 |
| CSIS 20 Critical Security Controls | Best Practice Guideline | 91370 |
| HIPAA HCFA | Best Practice Guideline | 950 |
| ISO/IEC 27002:2013(E) | International or National Standard | 91291 |
| ISO/IEC 27018:2014 | International or National Standard | 970 |
| NICE NIST | International or National Standard | 930 |
| 23 NYCRR 500 | Regulation or Statute | 872 |
| AICPA Trust Services Principles and Criteria | Self-Regulatory Body Requirement | 870 |
| CMMC Level 3 | Best Practice Guideline | 800 |
| PCI DSS 3.0 Requirements | Self-Regulatory Body Requirement | 8731 |
| PIPEDA | Bill or Act | 810 |
| 45 CFR Part 164 | Regulation or Statute | 782 |
| AICPA Trust Services | Audit Guideline | 740 |
| CMMC Level 5 | Best Practice Guideline | 700 |
| ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 750 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 781 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 770 |
| Trust Services Criteria | Self-Regulatory Body Requirement | 731 |
| UK Data Protection Act 2018 | Bill or Act | 710 |
| 21 CFR Part 11 | Regulation or Statute | 690 |
| Cloud Security Alliance CCM V1.3 | Best Practice Guideline | 640 |
| CMMC Level 1 | Best Practice Guideline | 600 |
| COBIT 2019 | Safe Harbor | 611 |
| Generally Accepted Privacy Principles | Best Practice Guideline | 600 |
| HITECH title within the American Recovery and Reinvestment Act of 2009 | Bill or Act | 681 |
| ISO 31000 R 2009 | International or National Standard | 61412 |