| NIST CSF 2.0 | International or National Standard | 63 | 1 | 1 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 40 | 185 | 19 |
| ISO/IEC 27002:2022 | International or National Standard | 40 | 10 | 10 |
| CIS Controls, V8 | Best Practice Guideline | 39 | 13 | 9 |
| ISO/IEC 27001:2022 | International or National Standard | 39 | 10 | 4 |
| NIST SP 800-53 Revision 5.1.1 | International or National Standard | 32 | 0 | 0 |
| NIST SP 800-53 R5 | International or National Standard | 30 | 27 | 17 |
| 23 NYCRR 500 | Regulation or Statute | 28 | 29 | 7 |
| ISO/IEC 27701:2019 | International or National Standard | 26 | 19 | 10 |
| 23 NYCRR 500 | Regulations | 24 | 2 | 2 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 22 | 16 | 9 |
| PCI DSS Defined Approach Testing Procedures, Version 4.0 | International or National Standard | 21 | 6 | 5 |
| CSF V1.1 | International or National Standard | 20 | 0 | 0 |
| PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 19 | 9 | 5 |
| CobiT | Safe Harbor | 18 | 168 | 2 |
| ISO 27001-2013 | International or National Standard | 18 | 217 | 23 |
| NIST AI 100-1 | Best Practice Guideline | 18 | 1 | 0 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 18 | 5 | 6 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 17 | 18 | 4 |
| Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 16 | 6 | 1 |
| Gramm Leach Bliley | Bill or Act | 16 | 3 | 0 |
| OWASP Top 10 - 2021 | Organizational Governance Documents | 16 | 1 | 1 |
| Digital Operational Resilience Act | Regulations | 15 | 1 | 1 |
| Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union, 14 December, 2022 | Regulatory Directive or Guidance | 14 | 1 | 1 |
| HIPAA | Bill or Act | 14 | 10 | 4 |
| hipaa security rule | Regulation or Statute | 13 | 5 | 1 |
| India Indian Info Privacy Act | Regulation or Statute | 13 | 25 | 0 |
| NIST CSF 1.1 | International or National Standard | 13 | 61 | 23 |
| Australia Privacy Amendment Act | Regulation or Statute | 12 | 20 | 0 |
| California Privacy Rights Act (CPRA) | Bill or Act | 12 | 4 | 2 |
| NIST Privacy Framework | International or National Standard | 12 | 15 | 7 |
| Cyber Assurance Framework | Best Practice Guideline | 11 | 1 | 1 |
| FedRAMP Version 5 Moderate Baseline | Audit Guideline | 11 | 0 | 0 |
| FFIEC IT Examination Handbook | Audit Guideline | 11 | 22 | 2 |
| FFIEC IT Examination Handbook Architecture, Infrastructure, and Operations 2021 | Audit Guideline | 11 | 5 | 0 |
| FFIEC Outsourcing Technology Services | Best Practice Guideline | 11 | 14 | 1 |
| HIPAA HCFA | Best Practice Guideline | 11 | 3 | 2 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 11 | 23 | 11 |
| NIST SP 800-53 | International or National Standard | 11 | 17 | 2 |
| PCI DSS v3.2.1 | Contractual Obligation | 11 | 8 | 4 |
| Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 | International or National Standard | 11 | 6 | 0 |
| ISO 9001:2015 | International or National Standard | 10 | 22 | 6 |
| ISO/IEC 27018:2019 | International or National Standard | 10 | 3 | 2 |
| Australian Government Information Security Manual, September 2023 | International or National Standard | 9 | 0 | 0 |
| FINRA Report on Cybersecurity Practices | Self-Regulatory Body Requirement | 9 | 9 | 1 |
| HITECH title within the American Recovery and Reinvestment Act of 2009 | Bill or Act | 9 | 10 | 2 |
| Insurance Data Security Model Law, NAIC MDL-668 | Best Practice Guideline | 9 | 3 | 2 |
| ISO 22301:2019(E) | International or National Standard | 9 | 1 | 2 |
| ITIL Foundation 4 | Best Practice Guideline | 9 | 0 | 1 |
| MAS TRM | Contractual Obligation | 9 | 48 | 0 |
