Monthly Selected Authority Documents - May, 2023

June 5, 2023 | Monthly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.


AD Common NameAD TypeSelectedGroupsInitiatives
NIST SP 800-53 R5International or National Standard372614
ISO/IEC 27001:2022International or National Standard3453
NIST CSF 1.1International or National Standard305722
ISO 27001-2013International or National Standard2421319
CIS Controls, V8Best Practice Guideline2098
EU General Data Protection Regulation (GDPR)Regulation or Statute2018316
Cloud Controls Matrix, v4.0Self-Regulatory Body Requirement1730
ISO/IEC 27002:2022International or National Standard1635
NIST SP 800-53International or National Standard15171
Sarbanes-Oxley Act of 2002Bill or Act1556
PCI DSS Defined Approach Requirements, Version 4.0International or National Standard1383
23 NYCRR 500Regulation or Statute12264
PCI DSS v3.2.1Contractual Obligation1284
CobiTSafe Harbor111671
SOC2Safe Harbor1150
AICPA Reporting on Controls at a Service Organization SOC-2Safe Harbor101444
ISO 27002International or National Standard1082
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and OrganizationsInternational or National Standard9128
PCI DSS Defined Approach Testing Procedures, Version 4.0International or National Standard964
FedRAMP Baseline Security ControlsAudit Guideline81290
ISO/IEC 27701:2019International or National Standard8188
SSAE 18Safe Harbor873
BSI Cloud Computing Compliance Controls Catalogue (C5)Best Practice Guideline7184
COBIT 2019Safe Harbor752
NIST Privacy FrameworkInternational or National Standard7157
NIST SP 800-171International or National Standard742
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and PrivacySelf-Regulatory Body Requirement742
California Privacy Rights Act (CPRA)Bill or Act631
FedRAMP Security Controls Baseline, 2018Audit Guideline614
HIPAABill or Act6104
ISO/IEC 27002:2013(E)International or National Standard614413
NIST SP 800 66Safe Harbor6311
NIST SP 800-37r2International or National Standard6135
NIST SP 800-39International or National Standard6196
NIST SP 800-53 R4International or National Standard653
16 CFR Part 314Regulation or Statute541
California Consumer Privacy Act of 2018Bill or Act5441
COBIT 5 Enabling Processes: BasicsSafe Harbor5543
FFIEC CATBest Practice Guideline5231
hipaa security ruleRegulation or Statute551
ISO 31000:2018International or National Standard5236
ISO 9001:2015International or National Standard5193
ISO/IEC 27017:2015(E)Self-Regulatory Body Requirement52110
MAS TRMContractual Obligation5480
NIST SP 800-30International or National Standard52612
PIPEDABill or Act522
SWIFT Customer Security Controls FrameworkBest Practice Guideline500
AICPA Trust ServicesAudit Guideline461
Appendix B of 12 CFR Part 30Regulation or Statute4111
CIS Controls V7Best Practice Guideline4252