ISO 27001-2013 | International or National Standard | 53 | 179 | 7 |
NIST SP 800-53 R5 | International or National Standard | 37 | 6 | 2 |
NIST CSF 1.1 | International or National Standard | 36 | 29 | 7 |
PCI DSS Requirements and Security Assessment Procedures | Contractual Obligation | 33 | 139 | 4 |
EU General Data Protection Regulation (GDPR) | Regulation or Statute | 25 | 159 | 10 |
HIPAA | Bill or Act | 21 | 6 | 1 |
hipaa security rule | Regulation or Statute | 21 | 2 | 0 |
NIST SP 800-53 | International or National Standard | 19 | 16 | 1 |
AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 18 | 130 | 3 |
ISO/IEC 27018:2014 | International or National Standard | 18 | 14 | 2 |
NIST CSF 1.0 | International or National Standard | 18 | 11 | 2 |
NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 18 | 1 | 2 |
CobiT | Safe Harbor | 17 | 158 | 1 |
HIPAA Electronic Health Record Technology | Regulation or Statute | 17 | 0 | 0 |
ISO 27002 | International or National Standard | 17 | 7 | 2 |
ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 17 | 12 | 4 |
NIST SP 800 66 | Safe Harbor | 17 | 24 | 1 |
NIST SP 800-171 | International or National Standard | 17 | 2 | 1 |
CMMC Level 3 | Best Practice Guideline | 16 | 2 | 2 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 | International or National Standard | 16 | 1 | 0 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Low Impact Baseline, October 2020 | International or National Standard | 15 | 1 | 0 |
ISO/IEC 27002:2013(E) | International or National Standard | 15 | 134 | 4 |
Sarbanes-Oxley Act of 2002 | Bill or Act | 15 | 2 | 0 |
CIS Controls, V7.1 | Best Practice Guideline | 14 | 4 | 2 |
Cloud Controls Matrix, Version 3.0 | Self-Regulatory Body Requirement | 14 | 12 | 2 |
Gramm Leach Bliley, Deprecated | Bill or Act | 14 | 9 | 2 |
HIPAA Electronic Health Record Technology | Regulation or Statute | 14 | 3 | 5 |
ISO/IEC 27701:2019 | International or National Standard | 14 | 10 | 3 |
NIST 800-53A | International or National Standard | 14 | 7 | 2 |
Cloud Security Alliance CCM V1.3 | Best Practice Guideline | 13 | 5 | 0 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, High Impact Baseline, October 2020 | International or National Standard | 13 | 2 | 2 |
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Privacy Control Baseline, October 2020 | International or National Standard | 13 | 2 | 2 |
EBA/GL/2019/04 | Regulation or Statute | 13 | 3 | 0 |
FedRAMP Baseline Security Controls | Audit Guideline | 13 | 119 | 0 |
NIST SP 800-39 | International or National Standard | 13 | 3 | 0 |
CMMC Level 1 | Best Practice Guideline | 12 | 2 | 2 |
CMMC Level 4 | Best Practice Guideline | 12 | 2 | 0 |
CMMC Level 5 | Best Practice Guideline | 12 | 2 | 0 |
Sarbanes Oxley SOX, Deprecated | Regulation or Statute | 12 | 144 | 1 |
23 NYCRR 500 | Regulation or Statute | 11 | 8 | 2 |
CMMC Level 2 | Best Practice Guideline | 11 | 2 | 2 |
HIPAA HCFA | Best Practice Guideline | 11 | 1 | 1 |
BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 10 | 8 | 0 |
ISO 27005 R 2011 | International or National Standard | 10 | 12 | 3 |
NIST SP 800-53 R4 | International or National Standard | 10 | 3 | 2 |
NIST SP 800-53 R4 Moderate Impact, Deprecated | International or National Standard | 10 | 75 | 5 |
NIST SP 800-61 | International or National Standard | 10 | 9 | 3 |
Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 | International or National Standard | 10 | 5 | 0 |
Australian Government Information Security Manual Controls | International or National Standard | 9 | 3 | 0 |
Cyber Essentials Scheme (CES) Questionnaire | Best Practice Guideline | 9 | 2 | 0 |