Monthly Selected Authority Documents -November, 2022

Written by UCF | Nov 30, 2022 10:35:01 PM

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

AD Common Name	AD Type	Selected	Groups	Initiatives
ISO 27001-2013	International or National Standard	51	199	17
EU General Data Protection Regulation (GDPR)	Regulation or Statute	35	173	15
NIST SP 800-53 R5	International or National Standard	33	19	11
NIST CSF 1.1	International or National Standard	24	43	19
ISO/IEC 27002:2022	International or National Standard	21	1	3
Sarbanes-Oxley Act of 2002	Bill or Act	18	2	4
ISO 27002	International or National Standard	17	8	3
ISO/IEC 27017:2015(E)	Self-Regulatory Body Requirement	17	19	9
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations	International or National Standard	17	10	7
NIST SP 800-53	International or National Standard	15	18	2
CIS Controls, V8	Best Practice Guideline	14	7	7
ISO/IEC 27701:2019	International or National Standard	14	18	8
PCI DSS v3.2.1	Contractual Obligation	14	6	4
PCI DSS Defined Approach Requirements, Version 4.0	International or National Standard	12	5	3
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020	International or National Standard	10	8	5
hipaa security rule	Regulation or Statute	10	5	1
ISO/IEC 27018:2019	International or National Standard	10	0	0
NIST Privacy Framework	International or National Standard	10	14	7
PCI DSS Requirements and Security Assessment Procedures	Contractual Obligation	10	152	7
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy	Self-Regulatory Body Requirement	10	4	2
AICPA Reporting on Controls at a Service Organization SOC-2	Safe Harbor	9	142	4
BSI Cloud Computing Compliance Controls Catalogue (C5)	Best Practice Guideline	9	16	3
California Privacy Rights Act (CPRA)	Bill or Act	9	3	1
Cloud Controls Matrix, v4.0	Self-Regulatory Body Requirement	9	2	0
NIST SP 800-39	International or National Standard	9	10	6
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020	International or National Standard	8	5	3
FedRAMP Baseline Security Controls	Audit Guideline	8	128	0
NIST SP 800 66	Safe Harbor	8	31	2
NIST SP 800-37r2	International or National Standard	8	11	4
Red Book (Condensed)	International or National Standard	8	12	7
CMMC Level 2, v2.0	Best Practice Guideline	7	6	5
CobiT	Safe Harbor	7	166	1
EBA/GL/2019/04	Regulation or Statute	7	10	0
FFIEC CAT	Best Practice Guideline	7	13	1
HIPAA	Bill or Act	7	10	5
ISO/IEC 27002:2013(E)	International or National Standard	7	144	13
ISO/IEC 27018:2014	International or National Standard	7	19	2
21 CFR Part 11	Regulation or Statute	6	33	0
AICPA Trust Services	Audit Guideline	6	6	1
California Consumer Privacy Act of 2018	Bill or Act	6	44	1
Canada Privacy Policy Principles	Regulation or Statute	6	3	2
COSO Internal Control - Integrated Framework	Self-Regulatory Body Requirement	6	15	7
ISO 27005 R 2011	International or National Standard	6	17	8
UK Data Protection Act 2018	Bill or Act	6	19	0
23 NYCRR 500	Regulation or Statute	5	14	3
AICPA Trust Services Principles and Criteria	Self-Regulatory Body Requirement	5	10	1
CMMC Level 1, v2.0	Best Practice Guideline	5	5	5
CRI Profile v1.2	Best Practice Guideline	5	5	0
FedRAMP Security Controls Baseline, 2018	Audit Guideline	5	1	4
FFIEC Information Technology Examination Handbook - Business Continuity Management	Audit Guideline	5	19	5

View full post