Official UC blog

Monthly Selected Authority Documents - November, 2020

Written by UCF | Dec 1, 2020 6:35:02 AM

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.



AD Common Name AD Type Selected Groups Initiatives
ISO 27001-2013 International or National Standard 59 169 8
AICPA Reporting on Controls at a Service Organization SOC-2 Safe Harbor 36 125 3
NIST CSF 1.1 International or National Standard 35 28 5
EU General Data Protection Regulation (GDPR) Regulation or Statute 31 150 9
NIST SP 800-53 R4 International or National Standard 28 130 8
PCI DSS Requirements and Security Assessment Procedures Contractual Obligation 26 136 2
NIST SP 800-53 R4 Moderate Impact International or National Standard 24 71 6
ISO/IEC 27002:2013(E) International or National Standard 21 131 2
California Consumer Privacy Act of 2018 Bill or Act 19 31 1
Sarbanes Oxley SOX Regulation or Statute 19 139 1
ISO 27002 International or National Standard 17 3 1
NIST SP 800-53 International or National Standard 16 12 0
NIST SP 800-53 R4 High Impact International or National Standard 16 158 5
NIST SP 800-53 R4 Low Impact International or National Standard 16 69 6
HIPAA Electronic Health Record Technology Regulation or Statute 15 3 3
CIS Controls, V7.1 Best Practice Guideline 14 0 1
HIPAA Bill or Act 14 92 0
NIST SP 800-53 R4 International or National Standard 14 0 0
APRA PPG 234 Safe Harbor 13 7 0
CMMC Level 3 Best Practice Guideline 13 0 1
ISO/IEC 27017:2015(E) Self-Regulatory Body Requirement 13 9 2
NIST 800-53A International or National Standard 13 5 2
APRA CPS 234 Regulation or Statute 12 2 0
CobiT Safe Harbor 12 149 2
FedRAMP Baseline Security Controls Audit Guideline 11 113 0
ISO 22301- Societal Security - Business Continuity Management Systems - Requirements International or National Standard 11 10 0
ISO/IEC 27018:2014 International or National Standard 11 11 0
ISO/IEC 27701:2019 International or National Standard 11 7 1
SWIFT Customer Security Controls Framework Best Practice Guideline 11 0 0
Trust Services Criteria Self-Regulatory Body Requirement 11 3 1
APRA PPG 234 Safe Harbor 10 0 0
Australian Privacy Act Bill or Act 10 2 0
BSI Cloud Computing Compliance Controls Catalogue (C5) Best Practice Guideline 10 6 0
Canada Privacy Policy Principles Regulation or Statute 10 2 3
FedRAMP Security Controls Baseline, 2018 Audit Guideline 10 0 2
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations International or National Standard 10 0 1
Cloud Controls Matrix, Version 3.0 Self-Regulatory Body Requirement 9 10 0
NIST CSF 1.0 International or National Standard 9 10 1
NIST SP 800 66 Safe Harbor 9 17 1
NIST SP 800-171 International or National Standard 9 2 1
PIPEDA Bill or Act 9 1 2
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 International or National Standard 9 0 0
45 CFR Part 164 Regulation or Statute 8 8 2
AICPA Trust Services Principles and Criteria Self-Regulatory Body Requirement 8 8 0
Australia Privacy Amendment Act Regulation or Statute 8 11 0
ISO 31000 R 2009 International or National Standard 8 151 2
ISO 9001:2015 International or National Standard 8 12 0
PCI DSS Testing Procedures v3.2 Contractual Obligation 8 15 0
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4 International or National Standard 8 0 0
23 NYCRR 500 Regulation or Statute 7 6 3