NIST Privacy

NIST Privacy Framework Services

NIST Privacy Framework Assessment Services

The National Institute of Standards and Technology (NIST) Privacy Framework provides a common language for understanding, managing, and expressing privacy risk both internally and externally. It can be used to help identify and prioritize actions for reducing privacy risk and is a tool for aligning policy, business, and technological approaches to managing privacy within the organization. It can be used to manage privacy risk across entire organizations, or it can be focused on the delivery of critical services within an organization.

Different types of entities – including sector coordinating structures, associations, and organizations – will have different controls that apply based on the nature of the business. The Framework Core provides a set of activities to achieve specific outcomes, and references examples of guidance to achieve those outcomes. The Core is not a checklist of actions to perform. It presents key privacy controls identified by NIST as helpful in managing and reducing privacy risk. The five NIST Privacy Framework Core Functions that will be assessed as part of our engagement are:

  • Identify
  • Govern
  • Control
  • Communicate
  • Protect

Compass IT Compliance Services

  • NIST Privacy Framework Risk Assessment - Assess your current level of compliance with NIST Privacy Framework, identify gaps in controls, and identify key work areas that your organization must address to achieve and/or maintain compliance with the framework
  • NIST Privacy Framework Audit - Our experienced, certified IT Auditors will examine your IT controls mapped against NIST Privacy Framework requirements, obtain evidence to determine if the controls are operating effectively to achieve your organization's objectives and satisfy framework requirements, and provide attestation of audit along with remediation strategies. A deeper dive assessment compared to the NIST Privacy Framework Risk Assessment, the NIST Privacy Framework Audit will include evidence sampling
  • NIST Privacy Framework Advisory Services - Work with your organization and tailor our project to your specific needs to address any concerns that you have related to NIST Privacy Framework, assist in the implementation and updating of policies and procedures, or assist in assessing the risk your third party providers pose related to NIST Privacy Framework

Let Compass IT Compliance assist your organization in assessing any risks present through our NIST Privacy Framework services so you can secure your security and privacy environment, comply with regulatory compliance requirements, and save time, money, and resources in the process. Contact Us today to discuss your unique situation. Secure. Comply. Save.

NIST Blog Posts

Contact Us