Essential Eight → NIST CSF 2.0 crosswalk
A control-by-control mapping between ACSC Essential Eight and NIST Cybersecurity Framework 2.0. 10 mappings.
| Essential Eight | NIST CSF 2.0 | Relationship | Notes |
|---|---|---|---|
| E8-1 Patch applications | ID.RA-01 Vulnerabilities identified and recorded | EquivalentCurated | Gestion des vulnérabilités |
| E8-2 Patch operating systems | ID.RA-01 Vulnerabilities identified and recorded | EquivalentCurated | Gestion des vulnérabilités |
| E8-3 Multi-factor authentication | PR.AA-01 Identities and credentials managed | PartialCurated | Contrôle d'accès et identité |
| E8-3 Multi-factor authentication | PR.AA-05 Access permissions and authorizations enforced | PartialCurated | Contrôle d'accès et identité |
| E8-4 Restrict administrative privileges | PR.AA-01 Identities and credentials managed | PartialCurated | Contrôle d'accès et identité |
| E8-4 Restrict administrative privileges | PR.AA-05 Access permissions and authorizations enforced | PartialCurated | Contrôle d'accès et identité |
| E8-5 Application control | PR.PS-01 Configuration management practices established | PartialCurated | Configuration sécurisée et durcissement |
| E8-6 Restrict Microsoft Office macros | PR.PS-01 Configuration management practices established | PartialCurated | Configuration sécurisée et durcissement |
| E8-7 User application hardening | PR.PS-01 Configuration management practices established | PartialCurated | Configuration sécurisée et durcissement |
| E8-8 Regular backups | PR.DS-11 Backups of data created and tested | EquivalentCurated | Sauvegarde et restauration |
Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.