Skip to content
Cyber Compliance

CIS Controls v8NIST 800-171 crosswalk

A control-by-control mapping between CIS Critical Security Controls v8 and NIST SP 800-171 Rev. 2. 5 mappings.

CIS Controls v8NIST 800-171RelationshipNotes
3.11
Encrypt sensitive data at rest
3.13.11
Employ FIPS-validated cryptography
EquivalentCurated
Cryptographie et protection des données
4.1
Establish and maintain a secure configuration process
3.4.2
Establish and enforce security configuration settings
EquivalentCurated
Configuration sécurisée et durcissement
6.1
Establish an access granting process
3.1.1
Limit system access to authorized users
EquivalentCurated
Contrôle d'accès et identité
7.1
Establish and maintain a vulnerability management process
3.11.2
Scan for vulnerabilities
EquivalentCurated
Gestion des vulnérabilités
8.1
Establish and maintain an audit log management process
3.3.1
Create and retain audit logs
EquivalentCurated
Journalisation, surveillance et détection

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.