NIST 800-171 to SOC 2 crosswalk

A control-by-control mapping between NIST SP 800-171 Rev. 2 and SOC 2 (AICPA Trust Services Criteria). 4 mappings.

| NIST 800-171 | SOC 2 | Relationship | Notes |
| --- | --- | --- | --- |
| 3.1.1 Limit system access to authorized users | CC6.1 Logical access security controls | Equivalent (Curated) | Access control and identity |
| 3.11.2 Scan for vulnerabilities | CC7.1 Vulnerability detection and monitoring | Equivalent (Curated) | Vulnerability management |
| 3.13.11 Employ FIPS-validated cryptography | CC6.7 Restricting data transmission | Partial (Curated) | Cryptography and data protection |
| 3.3.1 Create and retain audit logs | CC7.2 Security event monitoring | Equivalent (Curated) | Logging, monitoring and detection |

Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.