Monthly Selected Authority Documents - May, 2018

Written by UCF | Jun 1, 2018 6:35:01 AM

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name	AD Type	Selected	Groups	Initiatives
ISO 27001-2013	International or National Standard	75	95	20
NIST SP 800-53 R4	International or National Standard	49	46	8
PCI DSS Requirements and Security Assessment Procedures	Contractual Obligation	48	64	8
NIST SP 800-53 R4 Moderate Impact	International or National Standard	45	22	6
EU General Data Protection Regulation (GDPR)	Regulations	37	60	3
NIST SP 800-53 R4 High Impact	International or National Standard	34	73	4
NIST SP 800-53 R4 Low Impact	International or National Standard	33	18	4
Sarbanes Oxley SOX	Regulation or Statute	33	67	16
CobiT	Safe Harbor	32	80	6
ISO 27002	International or National Standard	28	10	7
Gramm Leach Bliley	Bill or Act	24	12	10
HIPAA	Bill or Act	24	41	8
ISO/IEC 27002:2013(E)	International or National Standard	23	74	16
AICPA Reporting on Controls at a Service Organization SOC-2	Safe Harbor	22	37	4
NIST Cybersecurity Framework	International or National Standard	21	4	2
ISO 31000 R 2009	International or National Standard	18	75	4
CSIS 20 Critical Security Controls	Best Practice Guideline	16	73	4
23 NYCRR 500	Regulations	15	0	6
ISO 27005 R 2011	International or National Standard	13	9	6
SSAE No. 16 Reporting on Controls at a Service Organization SOC-1	Safe Harbor	13	11	3
16 CFR Part 314	Regulation or Statute	12	11	9
HIPAA Electronic Health Record Technology	Regulation or Statute	12	7	3
NIST SP 800-171	International or National Standard	12	4	1
ISO/IEC 27017:2015(E)	Self-Regulatory Body Requirement	11	0	0
NIST SP 800-53	International or National Standard	11	9	3
PCI SAQ A v3.1	Contractual Obligation	11	5	1
FedRAMP Baseline Security Controls	Audit Guideline	10	36	5
ISO 20000-1 2nd Ed	International or National Standard	10	45	4
16 CFR Part 313	Regulation or Statute	8	11	10
CIS 20 Critical Security Controls	Best Practice Guideline	8	5	2
HIPAA HCFA	Best Practice Guideline	8	18	2
ISO 20000-2 R 2005	International or National Standard	8	44	4
NIST 800-53A	International or National Standard	8	6	3
NIST Framework for Improving Critical Infrastructure Cybersecurity	International or National Standard	8	15	7
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations	International or National Standard	8	0	2
45 CFR Part 164	Regulation or Statute	7	13	6
Federal Information Security Management Act FISMA	Regulation or Statute	7	14	4
FFIEC Business Continuity Planning Handbook 2015	Audit Guideline	7	0	0
FFIEC CAT	Best Practice Guideline	7	0	0
FFIEC Development Acquisition	Best Practice Guideline	7	5	0
FFIEC IT Examination Handbook	Audit Guideline	7	0	0
ISO/IEC 27018:2014	International or National Standard	7	4	3
NIST SP 800 66	Safe Harbor	7	8	5
BSI-Standard 100-2	International or National Standard	6	9	0
Cloud Security Alliance CCM V1.3	Best Practice Guideline	6	12	6
COSO ERM	Safe Harbor	6	5	3
EudraLex Rules Governing Medicinal Products in the European Union Annex 11 Computerised Systems	Best Practice Guideline	6	3	2
FFIEC Outsourcing Technology Services	Best Practice Guideline	6	8	1
FTC FACT Act Red Flags Rule Template	Audit Guideline	6	9	1
ITIL Security Management	Best Practice Guideline	6	6	3

View full post