Cyber Essentials → Essential Eight crosswalk
A control-by-control mapping between UK Cyber Essentials and ACSC Essential Eight. 10 mappings.
| Cyber Essentials | Essential Eight | Relationship | Notes |
|---|---|---|---|
| CE-1 Firewalls | E8-5 Application control | PartialCurated | Secure configuration & hardening |
| CE-1 Firewalls | E8-6 Restrict Microsoft Office macros | PartialCurated | Secure configuration & hardening |
| CE-1 Firewalls | E8-7 User application hardening | PartialCurated | Secure configuration & hardening |
| CE-2 Secure configuration | E8-5 Application control | PartialCurated | Secure configuration & hardening |
| CE-2 Secure configuration | E8-6 Restrict Microsoft Office macros | PartialCurated | Secure configuration & hardening |
| CE-2 Secure configuration | E8-7 User application hardening | PartialCurated | Secure configuration & hardening |
| CE-3 User access control | E8-3 Multi-factor authentication | PartialCurated | Access control & identity |
| CE-3 User access control | E8-4 Restrict administrative privileges | PartialCurated | Access control & identity |
| CE-5 Security update management | E8-1 Patch applications | EquivalentCurated | Vulnerability management |
| CE-5 Security update management | E8-2 Patch operating systems | EquivalentCurated | Vulnerability management |
Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.