The Workforce Framework for Cybersecurity (NICE Framework), NIST Special Publication 800-181, Revision 1 was published November 16, 2020. This revision presents a streamlined set of “building blocks” comprised of Tasks, Knowledge, and Skills (TKS). These building blocks and corresponding Work Roles and Competencies will be maintained as separate artifacts and will be subject to ongoing review and updates with a defined change process and indication of version control to manage and communicate changes.
Until those updates occur, the 2017 NICE Framework versions of Work Role, Tasks, and Knowledge and Skill statements will remain available to users on this webpage.
The Reference Spreadsheet for the NICE Framework is supporting documentation that includes a database of the NICE Framework and a mapping to Office of Personnel Management codes for Federal use. The Reference Spreadsheet includes a list of Work Roles and Task, Knowledge, and Skill (TKS) statements . It also includes the Categories, Specialty Areas, and Ability statements from the 2017 NICE Framework. This spreadsheet is updated on an ongoing basis. The current version is as of July 7, 2020.
Working Draft: Task, Knowledge, Skill (TKS) Statements Authoring Guide for Workforce Frameworks
This working draft, a collaborative NIST effort between NICE and Privacy Engineering Program (PEP), was developed for use during the 2021 NICE review of the NICE Framework TKS statements and the PEP development of new TKS statements for its Privacy Framework. A final version is expected in late 2021.
NIST welcomes and encourages feedback on this Authoring Guide. It is intended to be a “living” document and may undergo future revisions as needed based on stakeholder needs and other relevant factors. Feedback may be sent to: NICEFramework [at] nist.gov
Draft NIST Interagency or Internal Report (NISTIR) 8355, NICE Framework Competencies: Assessing Learners for Cybersecurity Work, provides more detail on what NICE Framework Competencies are, including their evolution and development and example uses from various stakeholder perspectives.
Released in conjunction with NISTIR 8355 is a draft NICE Framework List of Competencies that provides a proposed list of 54 Competencies for the cybersecurity workforce.