Skip to content
Cyber Compliance

Cyber EssentialsNIST CSF 2.0 crosswalk

A control-by-control mapping between UK Cyber Essentials and NIST Cybersecurity Framework 2.0. 5 mappings.

Cyber EssentialsNIST CSF 2.0RelationshipNotes
CE-1
Firewalls
PR.PS-01
Configuration management practices established
PartialCurated
Secure configuration & hardening
CE-2
Secure configuration
PR.PS-01
Configuration management practices established
EquivalentCurated
Secure configuration & hardening
CE-3
User access control
PR.AA-01
Identities and credentials managed
EquivalentCurated
Access control & identity
CE-3
User access control
PR.AA-05
Access permissions and authorizations enforced
EquivalentCurated
Access control & identity
CE-5
Security update management
ID.RA-01
Vulnerabilities identified and recorded
EquivalentCurated
Vulnerability management

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.