ISO 27001-2013 | International or National Standard | 24 | 192 | 17 |
NIST CSF 1.1 | International or National Standard | 24 | 40 | 19 |
NIST SP 800-53 R5 | International or National Standard | 22 | 15 | 11 |
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 19 | 169 | 15 |
CIS Controls, V8 | Best Practice Guideline | 18 | 7 | 7 |
Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 16 | 1 | 0 |
CobiT | Safe Harbor | 15 | 162 | 1 |
ISO/IEC 27002:2022 | International or National Standard | 14 | 0 | 3 |
Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.2.1 | Contractual Obligation | 14 | 4 | 4 |
Sarbanes-Oxley Act of 2002 | Bill or Act | 14 | 2 | 4 |
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 13 | 19 | 9 |
PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 13 | 0 | 2 |
NIST SP 800-39 | International or National Standard | 12 | 10 | 6 |
SOC2 | Safe Harbor | 12 | 0 | 0 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 11 | 8 | 5 |
hipaa security rule | Regulation or Statute | 11 | 5 | 1 |
ISO 27002 | International or National Standard | 11 | 7 | 2 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 10 | 8 | 5 |
ISO/IEC 27018:2014 | International or National Standard | 10 | 15 | 2 |
ISO/IEC 27701:2019 | International or National Standard | 10 | 17 | 8 |
NIST Privacy Framework | International or National Standard | 10 | 14 | 7 |
23 NYCRR 500 | Regulation or Statute | 9 | 11 | 3 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 9 | 9 | 8 |
HIPAA | Bill or Act | 9 | 10 | 5 |
ISO 9001:2015 | International or National Standard | 9 | 18 | 2 |
ISO/IEC 27002:2013(E) | International or National Standard | 9 | 144 | 13 |
ISO/IEC 27018:2019 | International or National Standard | 9 | 0 | 0 |
NIST SP 800-53 | International or National Standard | 9 | 17 | 1 |
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 8 | 137 | 4 |
California Consumer Privacy Act of 2018 | Bill or Act | 8 | 2 | 1 |
ISO 22301:2019(E) | International or National Standard | 8 | 0 | 0 |
ITIL Foundation 4 | Best Practice Guideline | 8 | 0 | 0 |
SWIFT Customer Security Controls Framework | Best Practice Guideline | 8 | 0 | 0 |
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy | Self-Regulatory Body Requirement | 8 | 4 | 2 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 7 | 5 | 3 |
HIPAA Electronic Health Record Technology | Regulation or Statute | 7 | 4 | 5 |
ISO 27005 R 2011 | International or National Standard | 7 | 17 | 8 |
ISO/IEC 20000-1:2018 | International or National Standard | 7 | 7 | 0 |
NIST SP 800-37r2 | International or National Standard | 7 | 10 | 4 |
NIST SP 800-61 | International or National Standard | 7 | 16 | 9 |
OWASP Top 10 - 2017 | International or National Standard | 7 | 9 | 5 |
SSAE No. 16 Reporting on Controls at a Service Organization SOC-1 | Safe Harbor | 7 | 9 | 3 |
APRA CPS 234 | Regulation or Statute | 6 | 3 | 0 |
Brazilian General Data Protection Law (LGPD) | Bill or Act | 6 | 3 | 0 |
BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 6 | 12 | 3 |
California Consumer Privacy Act of 2018 | Bill or Act | 6 | 39 | 1 |
CRI Profile v1.2 | Best Practice Guideline | 6 | 0 | 0 |
FedRAMP Baseline Security Controls | Audit Guideline | 6 | 124 | 0 |
FFIEC CAT | Best Practice Guideline | 6 | 10 | 1 |
FFIEC IT Examination Handbook | Audit Guideline | 6 | 12 | 2 |