Monthly Selected Authority Documents - November, 2020

December 1, 2020 | Monthly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name | AD Type | Selected Groups Initiatives
ISO 27001-2013 | International or National Standard | 591698
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 361253
NIST CSF 1.1 | International or National Standard | 35285
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 311509
NIST SP 800-53 R4 | International or National Standard | 281308
PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 261362
NIST SP 800-53 R4 Moderate Impact | International or National Standard | 24716
ISO/IEC 27002:2013(E) | International or National Standard | 211312
California Consumer Privacy Act of 2018 | Bill or Act | 19311
Sarbanes Oxley SOX | Regulation or Statute | 191391
ISO 27002 | International or National Standard | 1731
NIST SP 800-53 | International or National Standard | 16120
NIST SP 800-53 R4 High Impact | International or National Standard | 161585
NIST SP 800-53 R4 Low Impact | International or National Standard | 16696
HIPAA Electronic Health Record Technology | Regulation or Statute | 1533
CIS Controls, V7.1 | Best Practice Guideline | 1401
HIPAA | Bill or Act | 14920
NIST SP 800-53 R4 | International or National Standard | 1400
APRA PPG 234 | Safe Harbor | 1370
CMMC Level 3 | Best Practice Guideline | 1301
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 1392
NIST 800-53A | International or National Standard | 1352
APRA CPS 234 | Regulation or Statute | 1220
CobiT | Safe Harbor | 121492
FedRAMP Baseline Security Controls | Audit Guideline | 111130
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 11100
ISO/IEC 27018:2014 | International or National Standard | 11110
ISO/IEC 27701:2019 | International or National Standard | 1171
SWIFT Customer Security Controls Framework | Best Practice Guideline | 1100
Trust Services Criteria | Self-Regulatory Body Requirement | 1131
APRA PPG 234 | Safe Harbor | 1000
Australian Privacy Act | Bill or Act | 1020
BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 1060
Canada Privacy Policy Principles | Regulation or Statute | 1023
FedRAMP Security Controls Baseline, 2018 | Audit Guideline | 1002
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 1001
Cloud Controls Matrix, Version 3.0 | Self-Regulatory Body Requirement | 9100
NIST CSF 1.0 | International or National Standard | 9101
NIST SP 800 66 | Safe Harbor | 9171
NIST SP 800-171 | International or National Standard | 921
PIPEDA | Bill or Act | 912
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 | International or National Standard | 900
45 CFR Part 164 | Regulation or Statute | 882
AICPA Trust Services Principles and Criteria | Self-Regulatory Body Requirement | 880
Australia Privacy Amendment Act | Regulation or Statute | 8110
ISO 31000 R 2009 | International or National Standard | 81512
ISO 9001:2015 | International or National Standard | 8120
PCI DSS Testing Procedures v3.2 | Contractual Obligation | 8150
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4 | International or National Standard | 800
23 NYCRR 500 | Regulation or Statute | 763