| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 41 | 185 | 19 |
| NIST SP 800-53 R5 | International or National Standard | 40 | 27 | 17 |
| ISO/IEC 27001:2022 | International or National Standard | 39 | 10 | 4 |
| CIS Controls, V8 | Best Practice Guideline | 32 | 13 | 9 |
| ISO/IEC 27002:2022 | International or National Standard | 28 | 10 | 10 |
| ISO/IEC 27701:2019 | International or National Standard | 24 | 19 | 10 |
| NIST SP 800-53 Revision 5.1.1 | International or National Standard | 24 | 0 | 0 |
| ISO 27001-2013 | International or National Standard | 23 | 217 | 23 |
| 23 NYCRR 500 | Regulations | 20 | 1 | 1 |
| CobiT | Safe Harbor | 20 | 168 | 2 |
| COSO Internal Control - Integrated Framework | Self-Regulatory Body Requirement | 20 | 24 | 8 |
| NIST CSF 1.1 | International or National Standard | 20 | 61 | 23 |
| 23 NYCRR 500 | Regulation or Statute | 19 | 28 | 6 |
| NIST AI 100-1 | Best Practice Guideline | 19 | 1 | 0 |
| California Consumer Privacy Act of 2018 | Bill or Act | 18 | 45 | 2 |
| CMMC Level 2, v2.0 | Best Practice Guideline | 18 | 10 | 6 |
| Digital Operational Resilience Act | Regulations | 18 | 1 | 1 |
| hipaa security rule | Regulation or Statute | 18 | 5 | 1 |
| Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 16 | 6 | 1 |
| California Privacy Rights Act (CPRA) | Bill or Act | 15 | 4 | 2 |
| CSF V1.1 | International or National Standard | 15 | 0 | 0 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 15 | 16 | 9 |
| PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 15 | 9 | 5 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 15 | 5 | 6 |
| Trust Services Criteria (with Revised Points of Focus - 2022) | Self-Regulatory Body Requirement | 15 | 5 | 3 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 14 | 144 | 7 |
| FedRAMP Baseline Security Controls | Audit Guideline | 14 | 129 | 0 |
| ISO 9001:2015 | International or National Standard | 14 | 22 | 6 |
| Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union, 14 December, 2022 | Regulatory Directive or Guidance | 13 | 1 | 1 |
| NIST SP 800-53 R4 | International or National Standard | 13 | 5 | 3 |
| AICPA/CICA Privacy Management Framework | Best Practice Guideline | 12 | 0 | 0 |
| Cross Border Privacy Assessment | Best Practice Guideline | 12 | 3 | 1 |
| ISO 22301:2019(E) | International or National Standard | 12 | 1 | 2 |
| NIST SP 800 66 | Safe Harbor | 12 | 31 | 1 |
| Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4 | International or National Standard | 12 | 6 | 0 |
| SOC 2®, 2022 | Audit Guideline | 12 | 0 | 0 |
| SSAE No. 16 Reporting on Controls at a Service Organization SOC-1 | Safe Harbor | 12 | 9 | 3 |
| AICPA Privacy | Safe Harbor | 11 | 6 | 1 |
| CMMC Level 1, v2.0 | Best Practice Guideline | 11 | 8 | 5 |
| Cyber Essentials Scheme (CES) Questionnaire | Best Practice Guideline | 11 | 7 | 5 |
| Harmonized Rules On Artificial Intelligence (Artificial Intelligence Act) and Ameding Certain Union Legislative Acts, European Commission | Best Practice Guideline | 11 | 3 | 1 |
| ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 11 | 19 | 1 |
| ISO 31000 R 2009 | International or National Standard | 11 | 170 | 1 |
| ISO 31000:2018 | International or National Standard | 11 | 24 | 7 |
| PCI DSS Testing Procedures v3.2 | Contractual Obligation | 11 | 29 | 2 |
| PCI DSS v3.2.1 | Contractual Obligation | 11 | 8 | 4 |
| Personal Information Protection Law of the People's Republic of China | Bill or Act | 11 | 2 | 1 |
| COBIT 2019 | Safe Harbor | 10 | 5 | 2 |
| Cyber Essentials Self-Assessment, Version 13 | Best Practice Guideline | 10 | 5 | 5 |
| EU-US Privacy Shield Framework Principles Annex II | Regulation or Statute | 10 | 2 | 0 |
