Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
New Projects
We’re excited to announce that we are updating the NIST Privacy Framework to Version 1.1 and creating a Joint NIST Frameworks Data Governance and Management (DGM) Profile!
The NIST Privacy Framework was modeled after the NIST Cybersecurity Framework (CSF) so that the two frameworks could be used together more easily. This year, we will be implementing a modest update to Privacy Framework 1.1 to support realignment with the CSF 2.0 update and respond to our stakeholders’ current privacy risk management needs.
Stakeholders have expressed a desire for more support in using NIST frameworks and resources together. Because data governance is the starting point for many organizations seeking the benefits of data while managing privacy cybersecurity, AI, and IoT risks, we intend to develop a joint NIST frameworks Data Governance and Management (DGM) Profile. A joint Profile offers a means to effectively demonstrate complementary use of NIST resources.
Development Schedule
| New Year, New Initiatives for the Privacy Framework! | January 25, 2024 |
| Concept Papers | Privacy Framework 1.1 Concept Paper, DGM Profile Concept Paper | Available |
| Ready, Set, Update! Privacy Framework 1.1 + Data Governance and Management Profile Workshop | June 25 and 26, 2024 |
DGM Profile Working Sessions (See schedule below)
| September - November 2024 |
| Initial Public Drafts | TBD |
DGM Profile Working Sessions Schedule
Building on the valuable stakeholder feedback received during the Ready, Set, Update! Privacy Framework 1.1 + DGM Profile Workshop, we are hosting a series of public working sessions to further shape the joint NIST Frameworks DGM Profile. This next phase in the DGM Profile development offers stakeholders the opportunity to engage in collaborative discussions to shape the content of the DGM Profile Initial Public Draft.
These working sessions are virtual and consists of both guided and open discussions. Each session covers the same material, so there is no need to attend more than one. Click on the buttons below to register for your preferred working session.
Working Session 1: Data Governance and Management Activities
Read-Ahead Material | Working Session 1
September 10, 2024 9:00 am - 11:00 am ET | September 11, 2024 11:00 am - 1:00 pm ET | September 12, 2024 3:00 pm - 5:00 pm ET |
Ways to Engage
- Visit our website. Visit the Privacy Framework website and this page for updates, upcoming events, resources, and other opportunities to weigh in.
- Email updates. To receive updates on the Privacy Framework, sign up for email alerts via the Mailing List page.*
- Social Media. If you prefer to get updates via social media, be sure to follow NIST Cyber on LinkedIn and Facebook.
- Contact us. You can always contact us at privacyframework [at] nist.gov (privacyframework[at]nist[dot]gov).
*Mailing List: If you are having trouble joining the mailing list, e-mail PrivacyFramework+subscribe [at] list.nist.gov (PrivacyFramework+subscribe[at]list[dot]nist[dot]gov). If you don't have a Google account, please review and follow these instructions.