Select regional store:

IT Governance USA responds to NIST’s request for information


Alan Calder, founder and executive chairman of IT Governance USA, submitted a response to “NIST Privacy Framework: An Enterprise Risk Management Tool” via a Request for Information (RFI). 

Calder said NIST should consider the following:  

  • Voluntary participation with incentives 

  • Alignment with existing standards 

  • Risk-based assessment model 

  • Balance business impact with consumers’ privacy interests 

  • Flexible approach to allow corporate scale 

NIST is developing a Privacy Framework to pair with its Cybersecurity Framework. In its RFI, NIST said it envisions that the Privacy Framework will be a voluntary tool for organizations to better identify, assess, manage, and communicate privacy risks so that individuals can enjoy the benefits of innovative technologies with greater confidence and trust.  

The RFI solicits information regarding organizational considerations for privacy risk management, the structure of the Privacy Framework, and specific privacy practices to be included. The RFI responses will inform the development of an outline of the framework that is anticipated to be issued in early 2019. 

This website uses cookies. View our cookie policy