CIS Critical Security Controls v7.1 and Sub-Controls Mapping to ISO 27001

Published on July 16, 2019

This document provides a detailed mapping of the relationships between CIS Critical Security Controls (CIS Controls) v7.1 and ISO 27001.

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.