Monthly Selected Authority Documents - November, 2021

December 1, 2021 | Monthly Updates

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common NameAD TypeSelectedGroupsInitiatives
ISO 27001-2013International or National Standard2718611
NIST SP 800-53 R5International or National Standard2683
NIST CSF 1.1International or National Standard223412
CIS Controls, V8Best Practice Guideline1700
Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1Contractual Obligation1743
EU General Data Protection Regulation (GDPR)Regulation or Statute1316410
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and OrganizationsInternational or National Standard1032
HIPAABill or Act994
hipaa security ruleRegulation or Statute941
23 NYCRR 500Regulation or Statute893
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020International or National Standard820
ISO 27002International or National Standard872
ISO/IEC 27002:2013(E)International or National Standard81387
ISO/IEC 27701:2019International or National Standard8113
NIST SP 800-53International or National Standard8161
Sarbanes-Oxley Act of 2002Bill or Act823
21 CFR Part 11Regulation or Statute7290
CMMC Level 3Best Practice Guideline742
HITECH title within the American Recovery and Reinvestment Act of 2009Bill or Act7102
ISO 9001:2015International or National Standard7182
ISO/IEC 27018:2014International or National Standard7152
CobiTSafe Harbor61621
Gramm Leach BlileyBill or Act600
ISO/IEC 27017:2015(E)Self-Regulatory Body Requirement6134
NIST SP 800-171International or National Standard621
Cloud Controls Matrix, v4.0Self-Regulatory Body Requirement500
Cloud Security Alliance CCM V1.3Best Practice Guideline550
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020International or National Standard543
COSO Internal Control - Integrated FrameworkSelf-Regulatory Body Requirement5102
FFIEC IT Examination Handbook Architecture, Infrastructure, and Operations 2021Audit Guideline500
ISO 14001:2015International or National Standard500
APRA CPS 234Regulation or Statute430
California Consumer Privacy Act of 2018Bill or Act4391
EudraLex Rules Governing Medicinal Products in the European Union Annex 11 Computerised SystemsBest Practice Guideline441
HIPAA Electronic Health Record TechnologyRegulation or Statute411
India Indian Info Privacy ActRegulation or Statute4150
ISO 31000:2018International or National Standard4101
Italy Personal Data Protection CodeRegulation or Statute410
MAS-TRMG-2021Contractual Obligation430
New Zealand Privacy ActRegulation or Statute430
NICE NISTInternational or National Standard4121
NIST CSF 1.0International or National Standard4112
PCI DSS Requirements and Security Assessment ProceduresContractual Obligation41464
PIPEDABill or Act422
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and PrivacySelf-Regulatory Body Requirement442
45 CFR Part 160Regulation or Statute344
AICPA Reporting on Controls at a Service Organization SOC-2Safe Harbor31374
Australian Privacy ActBill or Act320
Austria Data Protection LawRegulation or Statute310
BSI Cloud Computing Compliance Controls Catalogue (C5)Best Practice Guideline390