Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
NICE Framework Public Comments
To remain effective now and in the future, the NICE Framework Components — Task, Knowledge, and Skill (TKS) statements; Work Roles and Work Role Categories; and Competency Areas — are regularly reviewed and adjusted to respond to and anticipate changing needs of the cybersecurity workforce. These changes are driven by new and evolving technologies, threats, and approaches to securing organizations and the Nation.
Proposed major and minor changes to the NICE Framework are made available for public comment prior to finalization. Public and private stakeholders may view and provide comments on candidates during defined comment periods. Comments on candidates are reviewed by NIST as part of its adjudication process prior to final release of the draft content. Comments received by the deadline will be acknowledged by email. All comments are reviewed and adjudicated to inform any necessary updates to the relevant proposed changes. Final updates will be incorporated in the next release of the NICE Framework Components.
Visit the Change Request FAQs webpage for information on how to request proposed changes outside of the public comment periods.
Comment Period | Description | Links |
September 30 – November 14, 2024 Submit comments to NICEframework [at] nist.gov (NICEframework[at]nist[dot]gov) by 11:59pm ET on November 14, 2024. | Cyber Resiliency Competency Area (NF-COM-007) NICE released the names and descriptions of 11 new Competency Areas with Version 1.0.0 of the NICE Framework Components in March 2024. This draft update contains proposed Knowledge and Skill statements to be included in the Cyber Resiliency Competency Area. | NF-COM-007 Public Comment Spreadsheet |
September 30 – November 14, 2024 Submit comments to NICEframework [at] nist.gov (NICEframework[at]nist[dot]gov) by 11:59pm ET on November 14, 2024. | Digital Evidence Analysis Work Role (IN-WRL-002) A review of this existing NICE Framework Work Role in the Investigation category was conducted with subject matter experts from the Federal Bureau of Investigation and the Department of Justice. This draft adjusts the Task, Knowledge, and Skill statements in this Work Role and aligns Knowledge and Skill statements to each Task. | IN-WRL-002 Public Comment Spreadsheet |
September 30 – November 14, 2024 Submit comments to NICEframework [at] nist.gov (NICEframework[at]nist[dot]gov) by 11:59pm ET on November 14, 2024. | Insider Threat Analysis Work Role (PD-WRL-005) This Work Role was initially released with Version 1.0.0 of the NICE Framework Components in March 2024. This update includes minor changes to some Task, Knowledge, and Skill statements and aligns the Knowledge and Skill statements to each Task statement in this role. | PD-WRL-005 Public Comment Spreadsheet |
September 30 – November 14, 2024 Submit comments to NICEframework [at] nist.gov (NICEframework[at]nist[dot]gov) by 11:59pm ET on November 14, 2024. | Operational Technology (OT) Cybersecurity Engineering Work Role (New DD-WRL-009) This new Work Role in the NICE Framework Design & Development Work Role Category is the first role in the NICE Framework to focus on operational technology (OT). | DD-WRL-009 Public Comment Spreadsheet |