Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Privacy Workforce Taxonomy

Privacy Workforce Taxonomy, IPD  Background
 What are TKS Statements? How to use the Privacy Workforce Taxonomy  

The NIST Privacy Workforce Taxonomy is a set of Task, Knowledge, and Skill (TKS) Statements aligned with the NIST Privacy Framework, Version 1.0 and the NICE Workforce Framework. The Privacy Workforce Taxonomy can help organizations better achieve their desired privacy outcomes, support recruitment with more consistent position descriptions, and inform the education and training of professionals to produce a workforce capable of managing privacy risk. 

Privacy Workforce Taxonomy, Initial Public Draft

NIST welcomes stakeholder feedback on the Privacy Workforce Taxonomy, Initial Public Draft (IPD). Reviewers can download the Taxonomy IPD and Comment Template by clicking the blue buttons below. Comments should be submitted to pwwg [at] nist.gov. Please note that feedback is due by January 17, 2025

Privacy Workforce Taxonomy, IPD (PDF)Comment Template (Excel)   Privacy Workforce Taxonomy, IPD Spreadsheet (Excel)   

Background

The Privacy Workforce Taxonomy was developed over three years by the NIST Privacy Workforce Public Working Group (PWWG). With over 950 global members representing private industry, the public sector, civil society, and academia, the PWWG offers a forum to leverage the collective expertise of the privacy community to tackle privacy workforce challenges. 

Each of the PWWG’s 11 Project Teams developed TKS Statements mapped to Subcategories within the NIST Privacy Framework's Identify-P, Govern-P, Control-P, and Communicate-P Functions. Learn more about the PWWG by clicking on the blue button below.

More information on the PWWG

What are TKS Statements?

TKS Statements are the building blocks of a workforce framework.

  • Task statements describe activities that are directed toward achieving organizational objectives.
  • Knowledge statements describe a retrievable set of concepts within a learner’s memory (i.e., what a learner knows).
  • Skill statements describe a learner’s capacity to perform an observable action.

The TKS Statements within the Privacy Workforce Taxonomy IPD are listed in alphabetical order. Organizations are free to select which TKS Statements to apply, including the order in which to execute Task Statements. 

TKS Statements can be applied in a modular manner to assist in learner and workforce assessment, in recruiting and hiring processes, and in learning and professional development. For more information on TKS Statements, please read the TKS Authoring Guide and watch the TKS 101 Video, both available below. 

Authoring Guide TKS Statements 101 Video 

How to use the Privacy Workforce Taxonomy

There is no single or “correct” way to use the Privacy Workforce Taxonomy. It is designed for flexible use, and there are numerous ways to use it. For example, organizations that have created a Profile of prioritized NIST Privacy Framework Core outcomes can use the Taxonomy to identify tasks, knowledge, and skills that are aligned with each outcome. TKS Statements can also be used to build work roles and assist with privacy training activities. 

The Privacy Workforce Taxonomy is not a checklist or set of tasks to be completed in a specific order. Organizations can select which TKS Statements are relevant based on their unique context and apply them in a modular manner to achieve their objectives.

The Privacy Workforce Taxonomy IS …

The Privacy Workforce Taxonomy is NOT …

a set of tasks, knowledge, and skills organizations can select from to support a workforce capable of managing privacy risk

✅ voluntary and designed for flexible use

✅ law, sector, and technology neutral 

🚫 NOT a checklist

🚫 NOT a set of step-by-step tasks

🚫 NOT one-size-fits-all

 

Contact us with any questions at privacyframework [at] nist.gov (privacyframework[at]nist[dot]gov) 

 

Created March 20, 2024, Updated November 22, 2024