What is an Authority Document?

An Authority Document is simply a document that your organization must comply with. 

The different Authority Document types that we have identified are:

  • Audit Guideline
  • Best Practice Guideline
  • Bill or Act
  • Contractual Obligation
  • International or National Standard
  • Organizational Directive
  • Regulation or Statute
  • Safe Harbor
  • Self-Regulatory Body Requirement
  • Vendor Documentation

Some notable examples are:

  • ISO 27992
  • NIST 800-53
  • HIPAA
  • PCI DSS

Once we identify an Authority Document, our mapping team creates Citations which link each of the mandates within the document to a Common Control.

The UCF maps Authority Documents based on customer request. Please submit a support request if you want to submit an Authority Document mapping request.

Have more questions? Submit a request

Comments

Powered by Zendesk