An Introduction to Privacy Engineering and Risk Management in Federal Information Systems

Published: January 05, 2017


Sean W. Brooks, Michael E. Garcia, Naomi B. Lefkovitz, Suzanne Lightman, Ellen M. Nadeau


This document provides an introduction to the concepts of privacy engineering and risk management for federal information systems. These concepts establish the basis for a common vocabulary to facilitate better understanding and communication of privacy risk within federal information systems, and the effective implementation of privacy principles. This publication introduces two key components to support the application of privacy engineering and risk management: privacy engineering objectives and a privacy risk model.
Citation: NIST Interagency/Internal Report (NISTIR) - 8062
Report Number:
Pub Type: NIST Pubs


Computer security, cybersecurity, information security, privacy, risk management, systems engineering
Created January 05, 2017, Updated November 10, 2018