Skip to content
Cyber Compliance

CIS Controls v8GDPR crosswalk

A control-by-control mapping between CIS Critical Security Controls v8 and General Data Protection Regulation (EU 2016/679). 3 mappings.

CIS Controls v8GDPRRelationshipNotes
1.1
Establish and maintain detailed enterprise asset inventory
Art. 30
Records of processing activities
RelatedCurated
Inventaire des actifs et des données
11.1
Establish and maintain a data recovery process
Art. 32
Security of processing
RelatedCurated
Sauvegarde et restauration
3.11
Encrypt sensitive data at rest
Art. 32
Security of processing
PartialCurated
Cryptographie et protection des données

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.