News

Free list of the best Common Controls for a pandemic situation

March 25, 2020 | News/Articles

Please have a free list of the best Common Controls for a pandemic situation like the one we are in!

We at Unified Compliance have just made that list of Common Controls focused on Disaster Recovery, Continuity, and Pandemic planning available to you, the general public, as well as every paid and free member of the Common Controls Hub!

With over 1,000 mapped Authority Documents, we selected the most Disaster and Continuity planning heavy documents for you

We searched our database of documents we’ve mapped over the years and have come up with a list of Authority Documents that are heavily laden in the areas of Disaster Recovery, Continuity Planning, Pandemic planning, etc. The list is as follows:

  • 9070 - NFA Compliance Rules 2–9, 2–36 and 2–49: Information Systems Security Programs
  • Cloud Computing Compliance Controls Catalogue (C5)
  • CobiT 4.1 (CobiT 5 and 2019 are available to customers with a valid ISACA membership)
  • FFIEC Business Continuity Planning (BCP) IT Examination Handbook
  • Hong Kong Monetary Authority: TM-G–1: General Principles for Technology Risk Management
  • IM Guidance Update: Cybersecurity Guidance
  • ISO 22301: Societal Security - Business Continuity Management Systems - Requirements
  • ISO 24762 Information technology - Security techniques - Guidelines for information and communications technology disaster recovery services
  • ISO/IEC 27018:2014, Information technology – Security techniques – Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
  • National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800–181
  • Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Service Providers
  • Shared Assessments Standardized Information Gathering Questionnaire - K. Business Continuity and Disaster Recovery

The list is comprised of 1,848 mandated Common Controls overall, with the following highlights;

  • 166 controls directly focused on operational and systems continuity,
  • 99 focus on Third Party and supply chain oversight,
  • 121 focus on Human Resources management, and
  • 372 focus on operational management.

Many of these documents were only available to paid members until today. All of these documents are now available to anyone with a Common Controls Hub account, even the free starter accounts.

In addition, we’ve saved and shared that list online as a Portable Compliance Profile (shown below) and it is available to anyone (even without a Common Controls Hub account) here: https://theucf.info/pl-qz4z1.

Sign in to the Common Controls Hub HERE and get started reviewing these Disaster Recovery, Continuity Planning, and Pandemic planning controls today!

Additional Authority Documents are forthcoming!

In addition to what we have here, we are currently adding more continuity-centric Authority Documents such as the ISO 22301 Self-assessment questionnaire to release on Friday and Pandemic Response Planning Policy for SANS Institute.

To see the documents we are currently mapping, check out our Project Portal HERE where you can review and comment on any step of the mapping process.

If you think we are missing any documents, please email us by clicking HERE and we will try and map in the documents you recommend.