I know I can hear the collective groan out there. It is ok though the changes in this release are few and no real changes in the controls themselves. It just formalises those controls that were best practice until February 2018 and June 2018. These are now part of the requirements so can no longer be marked as Not Applicable.
Article Link: https://isc.sans.edu/diary/rss/23667