The Authority Documents list is first organized by broad areas of concern (Sarbanes Oxley guidance, Banking and Finance guidance, Payment Card guidance, International Law guidance, etc.) we call authority document realms. At this level, as you can see, all of the authority document realms are deemed similar in scope and are displayed on the same hierarchical level.
-
Sarbanes Oxley Guidance
-
Banking and Finance Guidance
-
Payment Card Guidance
Rule 1: Research the originator for each Authority Document and subordinate the originator within each area of concern
Within each area of concern we’ve then narrowed the category and identified the originating authority for the authority documents themselves. Because each of these originating authorities are narrower in scope, we display them as the second level of the hierarchy.
- Sarbanes Oxley Guidance
- US Congress
- US Office of Management and Budget
- US Public Company Accounting Oversight Board
- Banking and Finance Guidance
- Payment Card Guidance
Rule 2: Assign each Authority Document to its Originator and subordinate the Authority Document to its Originator
With the listing of areas of concern completed and originators added to those lists, we’ve identified the Authority Documents themselves that belong to each of the originating authorities and subordinated the Authority Documents to the originating authority in question. You’ll also note that we’ve further subordinated A 123’s implementation guide to denote that it is narrower in scope than A 123.
- Sarbanes Oxley Guidance
- US Congress
- Sarbanes Oxley Act
- US Office of Management and Budget
- A 123
- A 123 Implementation Guide
- A 123
- US Public Company Accounting Oversight Board
- PCAOB AS 2
- PCAOB AS 3
- PCAOB AS 4
- US Congress
- Banking and Finance Guidance
- Payment Card Guidance
Rule 3: Subordinate versions of Authority Documents to the original
Because authority documents go through versions and revisions, we’ve put rules into place to denote their genealogy as well. Within the Payment Card Guidance realm, there is an originating authority named the Payment Card Industry Security Standards Council. This originating authority published a document entitled the Payment Card Industry Data Security Standard (PCI-DSS).
- Payment Card Guidance
- Payment Card Industry Security Standards Council
- Payment Card Industry Data Security Standard
- Payment Card Industry Security Standards Council
Since its original publication, the PCI DSS has gone through three revisions, adding versions 1.1 and 1.2 to the original. Therefore, in our Authority Document list, those two versions are subordinated to the original document title as shown below.
- Payment Card Guidance
- Payment Card Industry Security Standards Council
- Payment Card Industry Data Security Standard
- Payment Card Industry Data Security Standard version 1.1
- Payment Card Industry Data Security Standard version 1.2
- Payment Card Industry Data Security Standard
- Payment Card Industry Security Standards Council
Because both version 1.1 and version 1.2 are topically subordinate to the original document, they are denoted in our list as being genealogical children of the original title. However, version 1.2 is not a child of version 1.1, and as such, is listed as a sibling of version 1.1 and ordered in the list as following1.1 when sorted properly.
This also applies to languages that are derivatives of the original document. In the case of the Payment Card Guidance, if, say, a Japanese version were to be mapped, it would be subordinated to the English version originally tracked.
- Payment Card Guidance
- Payment Card Industry Security Standards Council
- Payment Card Industry Data Security Standard
- Payment Card Industry Data Security Standard version 1.1
- Payment Card Industry Data Security Standard version 1.2
- Payment Card Industry Data Security Standard version 1.2, Japanese Translation
- Payment Card Industry Data Security Standard
- Payment Card Industry Security Standards Council