Cyber Essentials → SOC 2 crosswalk

A control-by-control mapping between UK Cyber Essentials and SOC 2 (AICPA Trust Services Criteria). 2 mappings.

Cyber Essentials	SOC 2	Relationship	Notes
CE-3 User access control	CC6.1 Logical access security controls	EquivalentCurated	Contrôle d'accès et identité
CE-5 Security update management	CC7.1 Vulnerability detection and monitoring	EquivalentCurated	Gestion des vulnérabilités

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.