What is the NAT order of execution in Cisco ASA?

The ASA does the nat in following order
1. NAT exemption (nat 0 access-list)—In order, till the first match. Identity NAT is not included in this category; it is included in the regular static NAT or regular NAT category.

2. Static NAT and Static PAT (regular and policy) (static)—In order, till the first match. Static identity NAT is included in this category.

3. Policy dynamic NAT (nat access-list)—In order, till the first match. Overlapping addresses are allowed.

4. Regular dynamic NAT (nat)—Best match. Regular identity NAT is included in this category. The order of the NAT commands does not matter; the NAT statement that best matches the real address is used. For example, you can create a general statement to translate all addresses (0.0.0.0) on an interface. If you want to translate a subset of your network (10.1.1.1) to a different address, then you can create a statement to translate only 10.1.1.1. When 10.1.1.1 makes a connection, the specific statement for 10.1.1.1 is used because it matches the real address best. Cisco doesn’t recommend using overlapping statements because they use more memory and can slow the performance of the ASA.