Monthly Selected Authority Documents Jan 2026

Written by Amanda B. | Feb 4, 2026 6:04:58 PM

Discover the Top 50 Most Popular Authority Documents in the Common Controls Hub (CCH) for January.

See how often each document was assigned across user groups and compliance initiatives—insightful data to help guide your compliance strategy.

AD_name	AD_id	AD_type	selected	groups	initiatives
ISO/IEC 27001:2022	3567	International or National Standard	34	24	5
NIST CSF 2.0	3789	International or National Standard	30	18	8
HIPAA Security and Privacy Rule	3986	Regulations	24	20	11
CRI Profile, v2.1	4105	Best Practice Guideline	23	10	3
ISO/IEC 27002:2022	3430	International or National Standard	23	27	12
COSO Internal Control - Integrated Framework	1578	Self-Regulatory Body Requirement	22	24	8
CCM v4.0	3578	Self-Regulatory Body Requirement	21	7	5
NIST AI 600-1	3990	International or National Standard	20	7	4
Digital Operational Resilience Act	3668	Regulations	19	23	11
NIST 800-53, v5.2.0	4137	International or National Standard	19	0	0
SOC 2¬Æ, 2022	3647	Audit Guideline	19	7	1
23 NYCRR 500	3686	Regulations	17	28	20
ISO/IEC 27001:2022/Amendment 1:2024	4103	International or National Standard	17	0	0
23 NYCRR 500	2895	Regulation or Statute	15	54	24
PCI DSS v4.0.1 SAQ D for Merchants	4086	Self-Regulatory Body Requirement	15	8	6
TSP Section 100: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy	3288	Self-Regulatory Body Requirement	15	7	3
CMMC Level 2	4043	Regulations	14	3	1
FedRAMP Version 5 Moderate Baseline	3644	Audit Guideline	14	3	1
FFIEC IT Examination Handbook - Information Security, 2016	4024	Audit Guideline	14	11	6
16 CFR Part 314, Standards for Safeguarding Customer Information	3449	Regulation or Statute	13	34	22
Appendix B of 12 CFR Part 30	15	Regulation or Statute	13	43	22
CIS Controls Version 8.1	3955	Best Practice Guideline	13	6	2
Gramm Leach Bliley	3302	Bill or Act	13	13	0
Illinois Insurance Data Security Law	4047	Statutes (Bills or Acts)	13	10	7
Maryland Insurance Data Security Law	4049	Statutes (Bills or Acts)	13	10	7
Oklahoma Insurance Data Security Act	4050	Statutes (Bills or Acts)	13	10	7
PCI DSS Defined Approach Requirements v4.0.1	3987	International or National Standard	13	6	1
Pennsylvania Insurance Data Security Law	4051	Statutes (Bills or Acts)	13	10	7
Rhode Island Insurance Data Security Law	4052	Statutes (Bills or Acts)	13	10	7
Sarbanes-Oxley Act of 2002	3296	Bill or Act	13	8	6
Vermont Insurance Data Security Law	4053	Statutes (Bills or Acts)	13	10	7
CMMC Level 1	4042	Regulations	12	0	0
CMMC Level 3	4044	Regulations	12	0	0
CobiT	102	Safe Harbor	12	177	2
Control Baselines for Information Systems and Organizations, NIST Special Publication 800-53B, Moderate Impact Baseline, October 2020	3275	International or National Standard	12	27	12
COSO Enterprise Risk Management (2017)	2947	Best Practice Guideline	12	25	9
Cybersecurity Requirements For Insurance Companies	3407	Regulation or Statute	12	24	21
data security	3406	Regulation or Statute	12	24	21
Digital Personal Data Protection Act, 2023	3679	Statutes (Bills or Acts)	12	9	1
FedRAMP Baseline Security Controls	1263	Audit Guideline	12	137	0
FedRAMP High Baseline, Version 5	3636	Regulation or Statute	12	0	0
Insurance Data Security	3411	Regulation or Statute	12	24	21
Insurance Data Security	3403	Regulation or Statute	12	24	21
Insurance Data Security	3402	Regulation or Statute	12	24	21
Insurance Data Security Act	3396	Regulation or Statute	12	24	21
Insurance Data Security Act	3410	Regulation or Statute	12	24	21
Insurance Data Security Act	3405	Regulation or Statute	12	24	21
Insurance Data Security Law	3397	Regulation or Statute	12	24	21
Insurance Data Security Law	3399	Regulation or Statute	12	24	21
Insurance Data Security Law	3404	Regulation or Statute	12	24	21

View full post