NIST 800-53 → NIST CSF 2.0 crosswalk
A control-by-control mapping between NIST SP 800-53 Rev. 5 and NIST Cybersecurity Framework 2.0. 14 mappings.
| NIST 800-53 | NIST CSF 2.0 | Relationship | Notes |
|---|---|---|---|
| AC-2 Account management | PR.AA-01 Identities and credentials managed | Equivalent (Official mapping) | Access control and identity |
| AC-2 Account management | PR.AA-05 Access permissions and authorizations enforced | Equivalent (Curated) | Access control and identity |
| AU-2 Event logging | DE.CM-01 Networks and services monitored | Equivalent (Curated) | Logging, monitoring and detection |
| AU-2 Event logging | PR.PS-04 Log records generated for monitoring | Equivalent (Official mapping) | Logging, monitoring and detection |
| CM-6 Configuration settings | PR.PS-01 Configuration management practices established | Equivalent (Official mapping) | Secure configuration and hardening |
| CM-8 System component inventory | ID.AM-01 Inventories of hardware managed | Equivalent (Official mapping) | Asset and data inventory |
| CP-9 System backup | PR.DS-11 Backups of data created and tested | Equivalent (Official mapping) | Backup and restore |
| PM-1 Information security program plan | GV.OC-01 Organizational mission and security role understood | Related (Curated) | Governance and security policy |
| RA-3 Risk assessment | ID.RA-01 Vulnerabilities identified and recorded | Partial (Official mapping) | Risk assessment and management |
| RA-5 Vulnerability monitoring and scanning | ID.RA-01 Vulnerabilities identified and recorded | Equivalent (Official mapping) | Vulnerability management |
| SC-28 Protection of information at rest | PR.DS-01 Confidentiality of data-at-rest protected | Equivalent (Official mapping) | Cryptography and data protection |
| SC-28 Protection of information at rest | PR.DS-02 Confidentiality of data-in-transit protected | Equivalent (Curated) | Cryptography and data protection |
| SC-8 Transmission confidentiality and integrity | PR.DS-01 Confidentiality of data-at-rest protected | Equivalent (Curated) | Cryptography and data protection |
| SC-8 Transmission confidentiality and integrity | PR.DS-02 Confidentiality of data-in-transit protected | Equivalent (Official mapping) | Cryptography and data protection |
Mappings marked “Official” derive from standards-body informative references; “Curated” mappings are authored by Cyber Compliance and provided for guidance only.