Skip to content
Cyber Compliance

GLBANIST 800-53 crosswalk

A control-by-control mapping between GLBA Safeguards Rule (16 CFR Part 314) and NIST SP 800-53 Rev. 5. 8 mappings.

GLBANIST 800-53RelationshipNotes
§314.4(a)
Designate a qualified individual
PM-1
Information security program plan
RelatedCurated
Gouvernance et politique de sécurité
§314.4(c)(1)
Access controls
AC-2
Account management
EquivalentCurated
Contrôle d'accès et identité
§314.4(c)(3)
Encryption of customer information
SC-8
Transmission confidentiality and integrity
EquivalentCurated
Cryptographie et protection des données
§314.4(c)(3)
Encryption of customer information
SC-28
Protection of information at rest
EquivalentCurated
Cryptographie et protection des données
§314.4(c)(8)
Monitoring and logging of authorized user activity
AU-2
Event logging
EquivalentCurated
Journalisation, surveillance et détection
§314.4(d)
Regularly test or monitor safeguards
RA-5
Vulnerability monitoring and scanning
PartialCurated
Gestion des vulnérabilités
§314.4(h)
Incident response plan
IR-4
Incident handling
PartialCurated
Réponse aux incidents et notification des violations
§314.4(h)
Incident response plan
IR-6
Incident reporting
PartialCurated
Réponse aux incidents et notification des violations

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.