Official UC blog

Monthly Selected Authority Documents  January, 2024

Written by Matt H. | Feb 8, 2024 4:13:18 PM
AD Common Name AD Type Selected Groups Initiatives
CobiT Safe Harbor 51 167 1
Cross Border Privacy Assessment Best Practice Guideline 43 3 1
Basel II Regulation or Statute 42 12 0
ISO/IEC 27001:2022 International or National Standard 36 10 4
PCI DSS Defined Approach Requirements, Version 4.0 International or National Standard 28 8 4
EU General Data Protection Regulation (GDPR) Regulation or Statute 25 185 19
NIST SP 800-53 R5 International or National Standard 25 27 17
ISO/IEC 27002:2022 International or National Standard 24 10 10
CIS Controls, V8 Best Practice Guideline 20 13 9
ISO/IEC 27701:2019 International or National Standard 19 18 9
NIST CSF 1.1 International or National Standard 19 61 23
NIST SP 800-53 Revision 5.1.1 International or National Standard 19 0 0
ISO 27001-2013 International or National Standard 17 216 22
23 NYCRR 500 Regulations 15 1 1
Digital Operational Resilience Act Regulations 14 0 0
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements International or National Standard 14 19 1
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations International or National Standard 14 15 8
ISO/IEC 27017:2015(E) Self-Regulatory Body Requirement 12 23 11
NIST SP 800-53 International or National Standard 12 17 2
hipaa security rule Regulation or Statute 11 5 1
PCI DSS v3.2.1 Contractual Obligation 11 8 4
Cloud Controls Matrix, v4.0 Self-Regulatory Body Requirement 10 5 0
COBIT 2019 Safe Harbor 10 5 2
SOC2 Safe Harbor 10 5 0
Brazilian General Data Protection Law (LGPD) Bill or Act 9 11 0
California Privacy Rights Act (CPRA) Bill or Act 9 4 2
COBIT 5 Enabling Processes: Basics Safe Harbor 9 55 3
CSF V1.1 International or National Standard 9 0 0
HIPAA Bill or Act 9 10 4
ISO/IEC 27018:2019 International or National Standard 9 3 2
PCI DSS Defined Approach Testing Procedures, Version 4.0 International or National Standard 9 6 5
Sarbanes-Oxley Act of 2002 Bill or Act 9 5 6
23 NYCRR 500 Regulation or Statute 8 28 6
AICPA Reporting on Controls at a Service Organization SOC-2 Safe Harbor 8 144 7
BSI Cloud Computing Compliance Controls Catalogue (C5) Best Practice Guideline 8 18 4
FFIEC Information Technology Examination Handbook - Business Continuity Management Audit Guideline 8 20 5
ISO 22301:2019(E) International or National Standard 8 1 2
ISO 27002 International or National Standard 8 8 5
Trust Services Criteria (with Revised Points of Focus - 2022) Self-Regulatory Body Requirement 8 5 3
Australia Privacy Amendment Act Regulation or Statute 7 20 0
COSO Enterprise Risk Management (2017) Best Practice Guideline 7 25 9
HIPAA Electronic Health Record Technology Regulation or Statute 7 2 1
NIST AI 100-1 Best Practice Guideline 7 1 0
NIST Privacy Framework International or National Standard 7 15 7
NIST SP 800-34, Rev 1 International or National Standard 7 0 0
NIST SP 800-39 International or National Standard 7 19 6
SWIFT Customer Security Controls Framework Best Practice Guideline 7 0 0
AICPA/CICA Privacy Management Framework Best Practice Guideline 6 0 0
Australian Government Information Security Manual Controls International or National Standard 6 3 0
Australian Government Information Security Manual, September 2023 International or National Standard 6 0 0

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.