Workforce Advancement

A skilled and knowledgeable workforce is a key pillar of an effective privacy program. Unfortunately, stakeholders have signaled that demand for a robust and effective privacy workforce is outpacing supply, as recognized in the Privacy Framework companion roadmap. We believe that the first step towards the development of a workforce capable of managing privacy risk is the creation of a privacy workforce taxonomy, aligned with the Privacy Framework and National Initiative for Cybersecurity Education Workforce Framework for Cybersecurity, to provide a common language around tasks, knowledge, and skills. 

We welcome stakeholder input on this effort from a wide range of roles—even those who may not consider themselves to be privacy professionals (e.g., IT, cybersecurity, legal, product development, human resources, and marketing), but can still have a role in managing privacy risk. 

Privacy Workforce Taxonomy, Initial Public Draft

The Privacy Workforce Taxonomy, Initial Public Draft (IPD) can help organizations better achieve their desired privacy outcomes, support recruitment with more consistent position descriptions, and inform the education and training of professionals to produce a workforce capable of managing privacy risk. 

NIST welcomes stakeholder feedback on the Privacy Workforce Taxonomy IPD. Reviewers can download the Taxonomy IPD and Comment Template by clicking the blue button below. Please note that feedback is due by January 17, 2025. 

Privacy Workforce Taxonomy

Privacy Workforce Public Working Group

The Privacy Workforce Taxonomy IPD was developed over three years by the NIST Privacy Workforce Public Working Group (PWWG). The PWWG crafted task, knowledge, and skill statements for a workforce capable of managing privacy risk. Phase 1 of the PWWG is completed.

Privacy Workforce Public Working Group