Skip to content
Cyber Compliance

CIS Controls v8GLBA crosswalk

A control-by-control mapping between CIS Critical Security Controls v8 and GLBA Safeguards Rule (16 CFR Part 314). 4 mappings.

CIS Controls v8GLBARelationshipNotes
3.11
Encrypt sensitive data at rest
§314.4(c)(3)
Encryption of customer information
EquivalentCurated
Cryptographie et protection des données
6.1
Establish an access granting process
§314.4(c)(1)
Access controls
EquivalentCurated
Contrôle d'accès et identité
7.1
Establish and maintain a vulnerability management process
§314.4(d)
Regularly test or monitor safeguards
PartialCurated
Gestion des vulnérabilités
8.1
Establish and maintain an audit log management process
§314.4(c)(8)
Monitoring and logging of authorized user activity
EquivalentCurated
Journalisation, surveillance et détection

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.