GDPR → NIST 800-171 crosswalk
A control-by-control mapping between General Data Protection Regulation (EU 2016/679) and NIST SP 800-171 Rev. 2. 2 mappings.
| GDPR | NIST 800-171 | Relationship | Notes |
|---|---|---|---|
| Art. 32 Security of processing | 3.13.11 Employ FIPS-validated cryptography | Partial (Curated) | Cryptography & data protection |
| Art. 33 Notification of a personal data breach to the supervisory authority | 3.6.1 Establish an incident-handling capability | Related (Curated) | Incident response & breach notification |

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.