Skip to content
Contact us

Monthly Selected Authority Documents Jan 2026

Picture of Amanda B.

Discover the Top 50 Most Popular Authority Documents in the Common Controls Hub (CCH) for January.

See how often each document was assigned across user groups and compliance initiatives—insightful data to help guide your compliance strategy.

AD_name AD_id AD_type selected groups initiatives
ISO/IEC 27001:2022 3567 International or National Standard 34 24 5
NIST CSF 2.0 3789 International or National Standard 30 18 8
HIPAA Security and Privacy Rule 3986 Regulations 24 20 11
CRI Profile, v2.1 4105 Best Practice Guideline 23 10 3
ISO/IEC 27002:2022 3430 International or National Standard 23 27 12
COSO Internal Control - Integrated Framework 1578 Self-Regulatory Body Requirement 22 24 8
CCM v4.0 3578 Self-Regulatory Body Requirement 21 7 5
NIST AI 600-1 3990 International or National Standard 20 7 4
Digital Operational Resilience Act 3668 Regulations 19 23 11
NIST 800-53, v5.2.0 4137 International or National Standard 19 0 0
SOC 2®, 2022 3647 Audit Guideline 19 7 1
23 NYCRR 500 3686 Regulations 17 28 20
ISO/IEC 27001:2022/Amendment 1:2024 4103 International or National Standard 17 0 0
23 NYCRR 500 2895 Regulation or Statute 15 54 24
PCI DSS v4.0.1 SAQ D for Merchants 4086 Self-Regulatory Body Requirement 15 8 6
TSP Section 100: 2017  Trust  Services  Criteria for  Security,  Availability, Processing  Integrity,  Confidentiality, and Privacy 3288 Self-Regulatory Body Requirement 15 7 3
CMMC Level 2 4043 Regulations 14 3 1
FedRAMP Version 5 Moderate Baseline 3644 Audit Guideline 14 3 1
FFIEC IT Examination Handbook - Information Security, 2016 4024 Audit Guideline 14 11 6
16 CFR Part 314, Standards for Safeguarding Customer Information 3449 Regulation or Statute 13 34 22
Appendix B of 12 CFR Part 30 15 Regulation or Statute 13 43 22
CIS Controls Version 8.1 3955 Best Practice Guideline 13 6 2
Gramm Leach Bliley 3302 Bill or Act 13 13 0
Illinois Insurance Data Security Law 4047 Statutes (Bills or Acts) 13 10 7
Maryland Insurance Data Security Law 4049 Statutes (Bills or Acts) 13 10 7
Oklahoma Insurance Data Security Act 4050 Statutes (Bills or Acts) 13 10 7
PCI DSS Defined Approach Requirements v4.0.1 3987 International or National Standard 13 6 1
Pennsylvania Insurance Data Security Law 4051 Statutes (Bills or Acts) 13 10 7
Rhode Island Insurance Data Security Law 4052 Statutes (Bills or Acts) 13 10 7
Sarbanes-Oxley Act of 2002 3296 Bill or Act 13 8 6
Vermont Insurance Data Security Law 4053 Statutes (Bills or Acts) 13 10 7
CMMC Level 1 4042 Regulations 12 0 0
CMMC Level 3 4044 Regulations 12 0 0
CobiT 102 Safe Harbor 12 177 2
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020 3275 International or National Standard 12 27 12
COSO Enterprise Risk Management (2017) 2947 Best Practice Guideline 12 25 9
Cybersecurity Requirements For Insurance Companies 3407 Regulation or Statute 12 24 21
data security 3406 Regulation or Statute 12 24 21
Digital Personal Data Protection Act, 2023 3679 Statutes (Bills or Acts) 12 9 1
FedRAMP Baseline Security Controls 1263 Audit Guideline 12 137 0
FedRAMP High Baseline, Version 5 3636 Regulation or Statute 12 0 0
Insurance Data Security 3411 Regulation or Statute 12 24 21
Insurance Data Security 3403 Regulation or Statute 12 24 21
Insurance Data Security 3402 Regulation or Statute 12 24 21
Insurance Data Security Act 3396 Regulation or Statute 12 24 21
Insurance Data Security Act 3410 Regulation or Statute 12 24 21
Insurance Data Security Act 3405 Regulation or Statute 12 24 21
Insurance Data Security Law 3397 Regulation or Statute 12 24 21
Insurance Data Security Law 3399 Regulation or Statute 12 24 21
Insurance Data Security Law 3404 Regulation or Statute 12 24 21
,