CIS Controls v8 → NIST 800-53 crosswalk
A control-by-control mapping between CIS Critical Security Controls v8 and NIST SP 800-53 Rev. 5. 8 mappings.
| CIS Controls v8 | NIST 800-53 | Relationship | Notes |
|---|---|---|---|
| 1.1 Establish and maintain detailed enterprise asset inventory | CM-8 System component inventory | EquivalentCurated | Inventaire des actifs et des données |
| 11.1 Establish and maintain a data recovery process | CP-9 System backup | EquivalentCurated | Sauvegarde et restauration |
| 3.11 Encrypt sensitive data at rest | SC-8 Transmission confidentiality and integrity | EquivalentCurated | Cryptographie et protection des données |
| 3.11 Encrypt sensitive data at rest | SC-28 Protection of information at rest | EquivalentCurated | Cryptographie et protection des données |
| 4.1 Establish and maintain a secure configuration process | CM-6 Configuration settings | EquivalentCurated | Configuration sécurisée et durcissement |
| 6.1 Establish an access granting process | AC-2 Account management | EquivalentCurated | Contrôle d'accès et identité |
| 7.1 Establish and maintain a vulnerability management process | RA-5 Vulnerability monitoring and scanning | EquivalentCurated | Gestion des vulnérabilités |
| 8.1 Establish and maintain an audit log management process | AU-2 Event logging | EquivalentCurated | Journalisation, surveillance et détection |
Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.