Monthly Selected Authority Documents - March, 2017

Written by UCF | Apr 1, 2017 12:30:31 AM

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name	AD Type	Selected	Groups	Initiatives
PCI DSS Requirements and Security Assessment Procedures	Contractual Obligation	56	8	0
ISO 27001-2013	International or National Standard	53	27	13
NIST SP 800-53 R4	International or National Standard	53	10	5
NIST SP 800-53 R4 High Impact	International or National Standard	53	14	3
CobiT	Safe Harbor	38	21	6
NIST SP 800-53 R4 Moderate Impact	International or National Standard	38	9	5
ISO 27002	International or National Standard	36	9	6
ISO/IEC 27002:2013(E)	International or National Standard	33	12	6
NIST Framework for Improving Critical Infrastructure Cybersecurity	International or National Standard	31	10	8
NIST SP 800-53 R4 Low Impact	International or National Standard	31	5	3
FFIEC Information Security	Best Practice Guideline	30	6	3
Sarbanes Oxley SOX	Regulation or Statute	29	17	12
FedRAMP Baseline Security Controls	Audit Guideline	23	9	4
Gramm Leach Bliley	Bill or Act	23	8	5
AICPA Reporting on Controls at a Service Organization SOC-2	Safe Harbor	21	10	3
NIST SP 800-53	International or National Standard	21	5	3
FFIEC Business Continuity Planning	Best Practice Guideline	20	4	0
HIPAA	Bill or Act	20	13	8
NIST SP 800-171	International or National Standard	20	3	1
ISO 31000 R 2009	International or National Standard	19	16	3
NIST 800-53A	International or National Standard	19	5	3
SSAE No. 16 Reporting on Controls at a Service Organization SOC-1	Safe Harbor	19	7	3
CSIS 20 Critical Security Controls	Best Practice Guideline	18	14	4
FFIEC Management	Best Practice Guideline	17	4	0
FFIEC Operations	Best Practice Guideline	17	4	0
FFIEC Outsourcing Technology Services	Best Practice Guideline	17	5	1
FFIEC Supervision of Technology Service Providers	Best Practice Guideline	17	5	1
ISO 27005 R 2011	International or National Standard	17	8	5
PCI SAQ A v3.1	Contractual Obligation	17	2	1
Federal Information Security Management Act FISMA	Regulation or Statute	16	7	4
FFIEC Audit	Best Practice Guideline	16	4	0
FFIEC Development Acquisition	Best Practice Guideline	16	4	0
FFIEC E Banking	Best Practice Guideline	16	4	0
FFIEC Retail Payment Systems	Best Practice Guideline	16	4	0
FFIEC Wholesale Payment Systems	Best Practice Guideline	16	4	0
Authentication in an Internet Banking Environment	Best Practice Guideline	15	4	0
ISO 20000-1 2nd Ed	International or National Standard	15	9	3
PCI DSS 3.0 Requirements	Self-Regulatory Body Requirement	15	8	6
PCI DSS 3.1	Contractual Obligation	14	3	2
ISO 20000-2 R 2005	International or National Standard	13	9	3
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements	International or National Standard	13	2	1
NIST SP 800 66	Safe Harbor	13	9	6
EU General Data Protection Regulation (GDPR)	Regulations	12	2	0
ITIL Security Management	Best Practice Guideline	12	5	3
ITIL Service Support	Best Practice Guideline	12	3	3
Cloud Controls Matrix, Version 3.0	Self-Regulatory Body Requirement	11	2	1
HIPAA Electronic Health Record Technology	Regulation or Statute	11	4	1
PCI DSS 3.1 SAQ D Service Provider	Contractual Obligation	11	1	2
PCI PA DSS 1.1	Contractual Obligation	11	6	4
South African King Report 2002	Regulation or Statute	11	8	5

View full post