NIST has released three draft items related to the Workforce Framework for Cybersecurity (NICE Framework).
- Proposed NICE Framework Data Update Process
An ongoing review and update process for NICE Framework data (Work Roles, Competencies, and Task, Knowledge, and Skill [TKS] statements) is being proposed in order to ensure that the NICE Framework is agile, flexible, interoperable, and modular. This process will enable NICE Framework implementers and stakeholders to suggest changes, allow for more regular updates, make NICE Framework data available in machine-readable formats, and other improvements. This resource will provide more information about what to expect.
- Refactored NICE Framework Ability Statements
The NICE Framework revision 1 was released in November 2020. One significant change in this revision is deprecation of the 2017 Ability Statements. These statements have been reviewed in order to identify unique content, while retaining important content and capabilities that are needed for various Work Roles. The current Framework refinement reflects editorial changes, rather than substantive content changes, to support the common and consistent lexicon. NICE is not adding new content that changes the nature of a Work Role, nor removing content that might eliminate requirements or capabilities, but rather eliminating redundancy and adjusting language for clarity.
- NICE Framework Competencies, NISTIR 8355 (Second Draft)
A second draft of NIST Interagency or Internal Report (NISTIR) 8355, NICE Framework Competencies: Assessing Learners for Cybersecurity Work, is available for public comment. We listened to your comments from earlier this year about the first version, we’ve adjusted to better define NICE Framework Competencies, clarified the difference between Work Roles and Competencies, and shared how Competencies can be used. At this time we are only sharing an updated NISTIR; we will be working with community stakeholders to update the List of Competencies for release in 2022.
How are comments submitted?
Comments on the proposed NICE Framework Data Update Process, the refactored Ability statements, and second draft of NISTIR 8355 are due by January 31, 2022 at 11:59 p.m. ET. Comments should be submitted by email to NICEFramework@nist.gov. As always, we are thankful for your support. Your ideas will continue to shape our publications and processes to ensure they meets the needs and expectations of our stakeholders.