December 29, 2021 - NIST recently releases three draft documents for public comment. Comments on the proposed NICE Framework Data Update Process, the refactored Ability statements, and second draft of NISTIR 8355 are due by January 31, 2022. Comments should be submitted by email to NICEFramework@nist.gov.

In the Proposed NICE Framework Data Update Process, the ongoing review and update process for NICE Framework data (Work Roles, Competencies, and Task, Knowledge, and Skill [TKS] statements) is being proposed in order to ensure that the NICE Framework is agile, flexible, interoperable, and modular. This process will enable NICE Framework implementers and stakeholders to suggest changes, allow for more regular updates, make NICE Framework data available in machine-readable formats, and other improvements.

For the Refactored NICE Framework Ability Statements, the deprecation of the 2017 Ability Statements was implemented. Accordingly, these statements have been reviewed in order to identify unique content, while retaining important content and capabilities that are needed for various Work Roles. The current Framework refinement reflects editorial changes, rather than substantive content changes, to support the common and consistent lexicon. NICE is not adding new content that changes the nature of a Work Role, nor removing content that might eliminate requirements or capabilities, but rather eliminating redundancy and adjusting language for clarity.

Lastly, for the NICE Framework Competencies, NISTIR 8355 (Second Draft), NICE Framework Competencies: Assessing Learners for Cybersecurity Work, is available for public comment after the document was adjusted to better define NICE Framework Competencies, clarified the difference between Work Roles and Competencies, and shared how Competencies can be used.