Skip to content
Cyber Compliance

NIS2PCI DSS crosswalk

A control-by-control mapping between NIS2 Directive (EU 2022/2555) and PCI DSS v4.0. 5 mappings.

NIS2PCI DSSRelationshipNotes
Art. 21(2)(a)
Risk analysis and information system security policies
Req. 12
Support information security with organizational policies and programs
RelatedCurated
Gouvernance et politique de sécurité
Art. 21(2)(h)
Cryptography and encryption
Req. 3
Protect stored account data
EquivalentCurated
Cryptographie et protection des données
Art. 21(2)(h)
Cryptography and encryption
Req. 4
Protect cardholder data with strong cryptography during transmission
EquivalentCurated
Cryptographie et protection des données
Art. 21(2)(i)
Access control and asset management
Req. 7
Restrict access by business need to know
PartialCurated
Contrôle d'accès et identité
Art. 21(2)(i)
Access control and asset management
Req. 8
Identify users and authenticate access
PartialCurated
Contrôle d'accès et identité

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.