Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Workforce Advancement

This page provides the latest updates and documents related to the collaborative development of a privacy risk management workforce taxonomy.

About this Effort

Help Wanted Image

A skilled and knowledgeable workforce is a key pillar of an effective privacy program. Unfortunately, stakeholders have signaled that demand for a robust and effective privacy workforce is outpacing supply, as recognized in the Privacy Framework companion roadmap. We believe that the first step towards the development of a workforce capable of managing privacy risk is the creation of a privacy workforce taxonomy, aligned with the Privacy Framework, to provide a common language around roles, tasks, knowledge, and skills. Such a taxonomy can help organizations better achieve their desired privacy outcomes, support recruitment with more consistent position descriptions, and inform the education and training of professionals to produce a more skilled and knowledgeable workforce. We’re coordinating with our National Initiative for Cybersecurity Education (NICE) Program to align our efforts and provide a more modular approach to addressing workforce needs for privacy and cybersecurity.

Feedback

In keeping with NICE’s recently released draft for a new, streamlined structure of the Workforce Framework for Cybersecurity, the output for this effort is intended to be listings of tasks, knowledge, and skills and examples of organizing them into work roles and competencies that organizations can use in a modular fashion to address their workforce needs for privacy and cybersecurity. 

We welcome stakeholder input on this effort from a wide range of roles—even those who may not consider themselves to be privacy professionals (e.g., IT, cybersecurity, legal, product development, human resources, and marketing), but can still have a role in managing privacy risk. In particular, we are interested in feedback about: 

  • Challenges, needs, and opportunities for developing a skilled and knowledgeable workforce 
  • The work roles, tasks, knowledge, and skills necessary to align with the Privacy Framework 
  • Your organizational priorities for workforce resources (e.g., listings of tasks, knowledge, and skills and where those fit in work roles and competencies) 
  • Other issues that we should consider as we develop these resources

Feedback is welcome via email at privacyframework@nist.gov, or engage in a community forum via our public Slack channel. To share feedback via Slack, please request access to our channel

Past News and Events

IAPP Help Wanted: Growing a Workforce for Managing Privacy Risk Workshop | September 22-24, 2020 | Event Page
Help Wanted: Growing a Workforce for Managing Privacy Risk | August 20, 2020 | Blog Post
 

Created August 19, 2020, Updated September 29, 2020