Monthly Selected Authority Documents - June, 2020

July 1, 2020 | Monthly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected Groups Initiatives |
| --- | --- | --- |
| NIST SP 800-53 R4 | International or National Standard | 451185 |
| ISO 27001-2013 | International or National Standard | 421577 |
| NIST CSF 1.1 | International or National Standard | 34242 |
| PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 311322 |
| NIST SP 800-53 R4 High Impact | International or National Standard | 291473 |
| NIST SP 800-53 R4 Moderate Impact | International or National Standard | 28573 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 261386 |
| CIS Controls V7 | Best Practice Guideline | 25181 |
| NIST SP 800-53 R4 Low Impact | International or National Standard | 21563 |
| HIPAA | Bill or Act | 20831 |
| Sarbanes Oxley SOX | Regulation or Statute | 201261 |
| California Consumer Privacy Act of 2018 | Bill or Act | 18260 |
| Cloud Controls Matrix, Version 3.0 | Self-Regulatory Body Requirement | 1890 |
| ISO/IEC 27701:2019 | International or National Standard | 1760 |
| NIST SP 800-53 | International or National Standard | 1790 |
| CobiT | Safe Harbor | 161391 |
| COBIT 5 Enabling Processes: Basics | Safe Harbor | 15382 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 141122 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 1443 |
| ISO/IEC 27002:2013(E) | International or National Standard | 141291 |
| Trust Services Criteria | Self-Regulatory Body Requirement | 1431 |
| 23 NYCRR 500 | Regulation or Statute | 1372 |
| 45 CFR Part 164 | Regulation or Statute | 1282 |
| NIST 800-53A | International or National Standard | 1131 |
| FFIEC CAT | Best Practice Guideline | 1081 |
| HITECH title within the American Recovery and Reinvestment Act of 2009 | Bill or Act | 1081 |
| ISO 27002 | International or National Standard | 1011 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 1071 |
| ISO/IEC 27018:2014 | International or National Standard | 1060 |
| NIST SP 800 66 | Safe Harbor | 10110 |
| PCI DSS Testing Procedures v3.2 | Contractual Obligation | 1080 |
| AICPA Trust Services Principles and Criteria | Self-Regulatory Body Requirement | 960 |
| Australian Government Information Security Manual Controls | International or National Standard | 920 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 920 |
| Gramm Leach Bliley | Bill or Act | 980 |
| Australian Privacy Act | Bill or Act | 820 |
| CMMC Level 5 | Best Practice Guideline | 800 |
| FFIEC IT Examination Handbook | Audit Guideline | 881 |
| NIST CSF 1.0 | International or National Standard | 8111 |
| PIPEDA | Bill or Act | 810 |
| UK Data Protection Act 2018 | Bill or Act | 800 |
| Australia Privacy Amendment Act | Regulation or Statute | 7100 |
| Authentication in an Internet Banking Environment | Best Practice Guideline | 752 |
| CIS 20 Critical Security Controls | Best Practice Guideline | 790 |
| CMMC Level 1 | Best Practice Guideline | 700 |
| CMMC Level 3 | Best Practice Guideline | 700 |
| HIPAA HCFA | Best Practice Guideline | 750 |
| MAS TRM | Contractual Obligation | 7280 |
| New Zealand Privacy Act | Regulation or Statute | 730 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 700 |