In January 1988, the Congress enacted the Computer Security Act of 1987 (Public Law 100-235). A provision of that law called for the establishment of the Computer System Security and Privacy Advisory Board (CSSPAB) within the Department of Commerce. In accordance with the Federal Advisory Committee Act, as amended, 5 U.S.C., App., the Board was chartered in May 1988. In December 2002, Public Law 107-347, The E-Government Act of 2002, Title III, the Federal Information Security Management Act of 2002, Section 21 of the National Institute of Standards and Technology Act (15 U.S.C. 278g-4) amended the charter statutory authority of the Board and renamed it the Information Security and Privacy Advisory Board (ISPAB).
For more information regarding the Information Security and Privacy Advisory Board (ISPAB), please visit the Computer Security Resource Center (CSRC).