Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

CCPA Regulations Crosswalk


Crosswalk (XLSX) This workbook contains a 3-way mapping in one direction on one tab (Source to SP 800-53, Revision 5 to Privacy Framework Core Outcomes Mapping).


Resource Identifier: CCPA Regulations Crosswalk
Source Name: California Consumer Privacy Act (CCPA)
Contributor: Craig Erickson
Contributor GitHub Username: @craigericksondpo
Date First Posted: January 12, 2024
Date Last Verified or Updated: January 12, 2024
Related Documentation:
Contributor Notes: Implementation, tests, case studies, and program management tools utilizing this crosswalk are not included in the NIST repository. For example, I built "Everyone's Guide to the CCPA" as a multipurpose tool which relies on this crosswalk. One use case is managing consumer complaints about businesses who violate the CCPA. Another use case is defending a business from unsubstantiated complaints, or building a privacy program that gathers evidence of compliance using NIST control standards. These implementation artifacts can and should be maintained independently by their creators or owners. If a user wants to help improve this crosswalk, issues, pull requests, comments, tests, etc. can be made in my personal staging repository hosted at


Feedback on this Resource

There is no discussion at this time for this resource.

You can share feedback, ask questions, or request clarifications about this resource. You will need the resource identifier and contributor’s GitHub username.

Share Feedback

Created January 12, 2024