Monthly Selected Authority Documents July 2025

Written by Amanda B. | Jul 11, 2025 8:32:35 PM

Discover the Top 50 Most Popular Authority Documents in the Common Controls Hub (CCH) for June.

See how often each document was assigned across user groups and compliance initiatives—insightful data to help guide your compliance strategy.

AD Name	AD_id	AD_type	selected	groups	initiatives
ISO/IEC 27001:2022	3567	International or National Standard	30	22	5
NIST CSF 2.0	3789	International or National Standard	26	16	8
ISO/IEC 27002:2022	3430	International or National Standard	21	24	12
EU General Data Protection Regulation (GDPR)	2802	Regulation or Statute	14	196	22
NIST SP 800-53 Revision 5.1.1	3687	International or National Standard	14	5	3
CIS Controls, V8	3323	Best Practice Guideline	13	20	10
CobiT	102	Safe Harbor	13	169	2
PCI DSS Defined Approach Requirements v4.0.1	3987	International or National Standard	13	5	1
HIPAA Security and Privacy Rule	3986	Regulations	12	11	5
ISO 42001:2023	4062	International or National Standard	12	1	0
NIST SP 800-53 R5	3241	International or National Standard	12	38	18
ISO/IEC 27001:2022/Amendment 1:2024	4103	International or National Standard	11	0	0
NIST 800-171 Rev 3	3946	International or National Standard	11	6	2
NIST AI 100-1	3591	Best Practice Guideline	11	3	0
PCI DSS Defined Approach Testing Procedures v4.0.1	3988	International or National Standard	11	4	1
SOC 2¬Æ, 2022	3647	Audit Guideline	11	7	1
ISO/IEC 27701:2019	3020	International or National Standard	10	21	10
Sarbanes-Oxley Act of 2002	3296	Bill or Act	10	8	6
23 NYCRR 500	3686	Regulations	9	19	14
COSO Internal Control - Integrated Framework	1578	Self-Regulatory Body Requirement	9	24	8
ISO/IEC 27017:2015(E)	2838	Self-Regulatory Body Requirement	9	30	12
BSI Cloud Computing Compliance Controls Catalogue (C5)	3007	Best Practice Guideline	8	19	5
COSO Enterprise Risk Management (2017)	2947	Best Practice Guideline	8	25	9
Cyber Resilience Act (CRA)	4090	Regulations	8	0	0
Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union, 14 December, 2022	3714	Regulatory Directive or Guidance	8	11	5
ISO 27001-2013	1367	International or National Standard	8	226	24
ISO 9001:2015	2942	International or National Standard	8	25	6
ISO/IEC 27018:2019	3429	International or National Standard	8	8	2
NIST SP 800-53	902	International or National Standard	8	18	3
AICPA Reporting on Controls at a Service Organization SOC-2	1132	Safe Harbor	7	144	8
California Consumer Privacy Act of 2018	2957	Bill or Act	7	47	4
COBIT 2019	3009	Safe Harbor	7	9	2
Cybersecurity and Cyber Resilience Framework	4031	Regulatory Directive or Guidance	7	0	0
Digital Operational Resilience Act	3668	Regulations	7	14	5
HIPAA	3201	Bill or Act	7	13	4
ICD 702	2367	Organizational Directive	7	3	0
ISO 27002	482	International or National Standard	7	9	5
ISO/IEC 28394:2023	3611	International or National Standard	7	4	2
NIST CSF 1.0	1365	International or National Standard	7	12	2
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations	3134	International or National Standard	7	22	11
23 NYCRR 500	2895	Regulation or Statute	6	45	18
Canada Privacy Policy Principles	176	Regulation or Statute	6	3	3
CCM v4.0	3578	Self-Regulatory Body Requirement	6	1	1
CMMC Level 2	4043	Regulations	6	2	0
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020	3275	International or National Standard	6	18	7
Digital Personal Data Protection Act, 2023	3679	Statutes (Bills or Acts)	6	1	1
FFIEC IT Examination Handbook - Information Security, 2016	4024	Audit Guideline	6	2	1
Gramm Leach Bliley	3302	Bill or Act	6	13	0
Harmonized Rules On Artificial Intelligence (Artificial Intelligence Act) and Ameding Certain Union Legislative Acts, European Commission	3320	Best Practice Guideline	6	9	1
ISO/IEC 38507:2022	3637	International or National Standard	6	4	2

View full post