NIST created the Interagency International Cybersecurity Standardization Working Group (IICSWG) in 2016. Our charge, from the Cybersecurity Enhancement Act of 2014, is to build a coordination mechanism for government agencies to discuss international cybersecurity standardization issues, consistent with agencies’ responsibilities under OMB Circular A-119. IICSWG has grown as a forum to discuss cybersecurity and privacy standardization topics.
NIST welcomes feedback and ideas for IICSWG from its government participants, as well as the diverse set of organizations that participate and contribute to international standards. Please email IICSWG [at] (IICSWG[at]nist[dot]gov) with your thoughts.
Our Work
IICSWG is chaired by NIST and has cybersecurity and privacy representatives contributing their expertise on behalf of the 18 departments and agencies listed below.
- Commodity Futures Trading Commission (CFTC)
- Department of Homeland Security (DHS)
- Cybersecurity and Infrastructure Security Agency (CISA)
- Director of National Intelligence (DNI)
- Department of Commerce (DOC)
- International Trade Administration (ITA)
- National Institute of Standards and Technology (NIST)
- National Telecommunications and Information Administration (NTIA)
- Department of Defense (DOD)
- Defense Information Systems Agency (DISA)
- Navy
- National Security Agency (NSA)
- Department of Energy (DOE)
- Department of Justice (DOJ)
- Federal Bureau of Investigation (FBI)
- Department of Transportation
- Federal Aviation Administration (FAA)
- Executive Office of the President (EOP)
- Office of Management and Budget (OMB)
- Office of National Cyber Director (ONCD)
- Federal Communications Commission (FCC)
- Department of Health and Human Services (HHS)
- Food and Drug Administration (FDA)
- National Aeronautics and Space Administration (NASA)
- Small Business Administration (SBA)
- Department of State
- Office of the Coordinator for Cyber Issues (S/CCI)
- Department of the Treasury
- United States Department of Agriculture (USDA)
- United States Trade Representative (USTR)
- Department of Veterans Affairs (VA)
Consistent with OMB Circular A-1191 and in support of the Cybersecurity Enhancement Act of 2014, the IICS WG shall coordinate on major issues in international cybersecurity standardization.
- Coordinate, through information sharing, on major international cybersecurity standards issues.
- Form Task Groups (TGs) for short-term tasks on specific coordination issues.
- Review TG recommendations and take actions, as appropriate.
- Meet as needed with industry associations/Standards Developing Organizations (SDOs)/etc., to understand private sector perspectives on international cybersecurity standards issues.
- Host speakers from government and private sector (e.g., industry associations, SDOs) who want to present new information about, and trends in, international cybersecurity standards to IICS WG members.
- Voting Membership is open to each of the Executive Departments and Agencies (5 USC §§ 101,105) and to their major subordinate agencies, departments, bureaus, etc. (e.g., the DoD, NSA, DISA, and Army can each be a Voting Member).
- Each Voting Member shall be entitled to a single vote on any matter brought before the IICS WG for vote by the IICS WG Convener.
- Each Voting Member shall designate one senior Federal cybersecurity official as its Principal Representative to represent, and to cast votes on behalf of, that Voting Member.
- Each Principal Representative may identify one or more Alternate Representatives, who shall also be Federal employees. While there is no limit on the number of Alternate Representatives who may be identified and who may participate, only one Alternate Representative may be designated by the Principal Representative to vote in his/her absence at any given time.
- Liaison (non-voting) Members may be invited by the IICS WG Convener to join the IICS WG to participate, through designated Federal employee representatives, in IICS WG meetings, TGs, and the like. Liaison Members may include the Executive Office of the President and other Federal interagency groups, such as the Interagency Committee on Standards Policy (IICSP) but shall not include any non-Federal organizations or individuals.
- The Undersecretary of Commerce for Standards and Technology shall appoint an IICS WG Convener.
- The term of office shall be three years.
- There are no term limits.
- The IICS WG Convener, or the Convener’s delegee, shall:
- Call, set the agenda for, preside at, and adjourn meetings of the IICS WG.
- Call any votes of the IICS WG.
- The IICS WG Convener shall:
- Establish and dissolve Task Groups (TGs) as appropriate.
- Invite Voting Members to join the IICS WG.
- May invite Liaison Members to join the IICS WG.
- Any action, decision, or position of the IICS WG shall be made by vote as provided in this section, and such vote shall be called by the IICS WG Convener.
- Background documents for any matter requiring a vote shall be distributed no less than two weeks prior to a scheduled vote, and the matter shall be reflected in the meeting agenda for discussion and voting.
- Criteria for Actions, Decisions, and Positions. There are three criteria for IICS WG approval of an action, decision, or position: (1) At least a majority of the IICS WG Voting Members shall have responded; (2) At least two-thirds of all Voting Members responding shall have voted affirmatively; and (3) Abstentions shall not count.
- Voting may be conducted by electronic means or by roll call vote at a meeting.
- Principal Representatives may email the IICS WG Convener their vote on a particular agenda item prior to a scheduled meeting vote.
- For a specific meeting, Voting Members, which will not be represented, may give their proxy vote to another Voting Member, but shall do so in writing to the IICS WG Convener in advance of that meeting.
- Periodic meetings, approximately three times a year, shall be called by the IICS WG Convener to review broad or specific areas of international cybersecurity standardization.
- Additional meetings may be called at the discretion of the IICS WG Convener, for specific coordination issues raised by the IICS WG members or TG participants.
- Meetings may be by teleconference, in-person, or hybrid mode.
- Voting Members shall be given two-week’s notice prior to any IICS WG meeting at which a vote is to be taken.
Task Groups
- TGs are established and dissolved by the IICS WG Convener to address short-term tasks on specific coordination issues.
- The IICS WG Convener shall appoint each TG Convener and may appoint a TG Co-Convener, to serve at the pleasure of the IICS WG Convener.
- Participation is open to Federal personnel nominated by their respective Voting or Liaison Member.
- Meetings are called by the TG Convener as needed.
- TGs may meet with industry associations/Standards Developing Organizations (SDOs)/etc., to understand private sector perspectives on international cybersecurity standards issues.
- TGs shall make written recommendations to the IICS WG Convener, who may present any TG recommendation to the IICS WG for consideration and vote.
TG Convener
- The TG Convener, or the Convener’s absence the TG Co-Convener, shall call, set the agenda for, preside at, and adjourn, meetings of the TG, and shall call any votes on TG recommendations.
- The TG Convener shall forward the TG’s recommendations to the IICS WG Convener.
- NIST shall provide administrative support for the IICS WG, pursuant to 15 USC 272(b)(10) and (13), and subject to the availability of funds.
- The IICS WG Administrator shall:
- Establish and maintain IICS WG and TG webpages and mailing lists.
- Maintain a roster of IICS WG Voting and Liaison Members, and of their Principal and Alternate Representatives, as well as a roster of TGs and TG participants.
PDF Copy of Charter