Skip to main content
Content Starts Here GSA Federal Advisory Committee Act (FACA) Database Skip to main content

Committee Detail

Note: An Annual Comprehensive Review, as required by §7 of the Federal Advisory Committee Act, is conducted each year on committee data entered for the previous fiscal year (referred to as the reporting year). The data for the reporting year is not considered verified until this review is complete and the data is moved to history for an agency/department. See the Data From Previous Years section at the bottom of this page for the committee’s historical, verified data.


DOC - 324 - Information Security and Privacy Advisory Board - Statutory (Congress Created)
Hide Section - GENERAL INFORMATION

GENERAL INFORMATION

Committee NameInformation Security and Privacy Advisory BoardAgency NameDepartment of Commerce
Fiscal Year2020Committee Number324
Original Establishment Date1/8/1988Committee StatusChartered
Actual Termination Date Committee URLhttp://csrc.nist.gov/groups/SMA/ispab/index.html
New Committee This FYNoPresidential Appointments*No
Terminated This FYNoMax Number of Members*13
Current Charter Date2/26/2020Designated Fed Officer Position Title*DFO
Date Of Renewal Charter2/26/2022Designated Federal Officer PrefixMr.
Projected Termination Date Designated Federal Officer First Name*Jeff
Exempt From Renewal*NoDesignated Federal Officer Middle Name
Specific Termination AuthorityDesignated Federal Officer Last Name*Brewer
Establishment Authority*Statutory (Congress Created)Designated Federal Officer Suffix
Specific Establishment Authority*15 U.S.C. 278g-4Designated Federal Officer Phone*(301) 975-2489
Effective Date Of Authority*1/8/1988Designated Federal Officer Fax*(301) 975-8670
Exempt From EO 13875 Discretionary CmteNot ApplicableDesignated Federal Officer Email*jeffrey.brewer@nist.gov
Committee Type*Continuing
Presidential*No
Committee Function*Scientific Technical Program Advisory Board
Hide Section - RECOMMENDATION/JUSTIFICATIONS

RECOMMENDATION/JUSTIFICATIONS

Agency Recommendation*Continue
Legislation to Terminate RequiredNo
Legislation StatusNot Applicable
How does cmte accomplish its purpose?*The Information Security and Privacy Advisory Board's statutory purpose is to advise the Secretary of Commerce, the Director of the National Institute of Standards and Technology (NIST), and the Director of the Office of Management and Budget (OMB) on information security and privacy related issues. The Board meets 3-4 times a year, and the agendas of these meetings are established based on the Board's work list of emerging issues that has been developed and is reviewed and updated at every meeting. The meeting agenda topics also include non-work list items that are considered by the board of immediate security and privacy concerns to the federal government information systems. The invited presenters at every Board meeting were leaders and experts from private industries, academia, federal agency CIOs, IGs and CISOs.An annual report is submitted and included in NIST Special Publication 800-176 Computer Security Division Annual Report http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-176.pdf.During this fiscal year, the board submitted three recommendation letters to OMB and NIST relating Mobile Device and Derived Credentials, Department of Commerce Review Risk Management Process, and Realignment within NIST's Information Technology Laboratory (ITL) - adding another division devoted to cybersecurity.
How is membership balanced?*The Board is comprised of members from a broad range of interested parties. There are three main categories and each category has four members. Category 1 includes members from outside the Federal government eminent in the information technology industry, at least one of whom is representative of small or medium-sized companies in such industries. Category 2 also includes members from outside the Federal government and not employed by or representative of a producer of information but are eminent in the field of information technology, or related disciplines. Category 3 includes members from the Federal government who have information system management experience, including experience in information security and privacy, at least one of whom should be from the National Security Agency. Federal members bring a detailed understanding of the Federal processing environment; industry brings concerns and experiences regarding product development and market formation, while private computer security experts are able to bring their experiences of commercial cost-effective security measures into Board discussion. Presently, the membership of the Board consists of nine members including Chairperson, and is currently in the process of vetting new members.
How frequent & relevant are cmte mtgs?*The Board holds open, public meetings 3-4 times a year. At the first meeting of every fiscal year, the Board reviews and updates its work plan items for fiscal year. Topics include supply chain risk management, Artificial Intelligence, general security and privacy, blockchain, cybersecurity workforce, and NIST standards.
Why advice can't be obtained elsewhere?*In drafting the Computer Security Act of 1987, which created this Advisory Board, we understand that Congress saw a need for an independent, non-federally dominated group of computer security experts to offer its advice to senior government officials on emerging computer security areas. The Board members, with their individual and collective skills, responsibilities and experiences fulfill this requirement. No other similar group of experts meet regularly to review information security issues involved in unclassified Federal Government computer systems and networks. In today emerging technology, privacy is ever moving into prominent importance not just for security but in bring about confidence from industry and consumers. Also, Title III of the E-Government Act of 2002 reaffirmed the need for this Board by giving it additional responsibilities.
Why close or partially close meetings?N/A
Recommendation RemarksCosts for FY20 were less than estimated due to the 2020 COVID pandemic.
The March 2020 meeting was cancelled and the 2020 June meeting was held virtually, which resulted in no travel, transportation needs, and supplies/materials.
Recommendations are made when applicable, and submitted to the Director of NIST, the Secretary of Commerce, and the Director of the Office of Management and Budget.
Hide Section - PERFORMANCE MEASURES

PERFORMANCE MEASURES

Outcome Improvement To Health Or Safety*NoAction Reorganize Priorities*Yes
Outcome Trust In GovernmentYesAction Reallocate ResourcesYes
Outcome Major Policy ChangesNoAction Issued New RegulationsNo
Outcome Advance In Scientific ResearchYesAction Proposed LegislationNo
Outcome Effective Grant MakingNoAction Approved Grants Or Other PaymentsNo
Outcome Improved Service DeliveryYesAction OtherYes
Outcome Increased Customer SatisfactionYesAction CommentNIST has refined their strategy based on objective feedback related to presentations and submissions of the Board.
Outcome Implement Laws/Reg RequirementsNoGrants Review*No
Outcome OtherNoNumber Of Grants Reviewed0
Outcome CommentNANumber Of Grants Recommended0
Cost Savings*Unable to DetermineDollar Value Of Grants Recommended$0.00
Cost Savings CommentMany of the recommendations address information security and privacy policy government-wide. Cost savings would vary based on agency-specific implementation.Grants Review CommentNA
Number Of Recommendations*40Access Contact Designated Fed. Officer*Yes
Number Of Recommendations CommentSince the first year through this fiscal year, the Board submitted a total of 40 recommendations.Access Agency WebsiteYes
% of Recs Fully Implemented*29.00%Access Committee WebsiteYes
% of Recs Fully Implemented CommentAll recommendations do not address the agency. They may be directed to OMB for government-wide impact, which is difficult to report or monitor percentage of implementation. Those time lines are driven by the OMB directives. Board recommendations specific to NIST have been or will be addressed and implemented.Access GSA FACA WebsiteYes
% of Recs Partially Implemented*0.00%Access PublicationsYes
% of Recs Partially Implemented CommentNAAccess OtherYes
Agency Feedback*YesAccess CommentInformation is published in the FEDERAL REGISTER announcing the meetings and agendas and announcing an annual request for nomination consideration to the membership of the Board.
Agency Feedback Comment*Feedback to the Advisory Board are filtered in several ways: oral communications with the membership, status presentations to the Board, email communications, formal reply to recommendations and the use of a dedicated web-site.Narrative Description*The Board advises NIST, the Secretary of Commerce and the Director of OMB on information security and privacy issues pertaining to Federal government unclassified information systems. This includes thorough review of proposed standards and guidelines developed under Section 20 of the National Institute of Standards and Technology Act (15 U.S.C. 278g-3) as amended by Title III of the E-Government Act of 2002.
Hide Section - COSTS

COSTS

Payments to Non-Federal Members*$0.00Est Payments to Non-Fed Members Next FY*$0.00
Payments to Federal Members*$0.00Est. Payments to Fed Members Next FY*$0.00
Payments to Federal Staff*$65,364.00Estimated Payments to Federal Staff*$66,635.00
Payments to Consultants*$0.00Est. Payments to Consultants Next FY*$0.00
Travel Reimb. For Non-Federal Members*$1,616.00Est Travel Reimb Non-Fed Members nextFY*$10,000.00
Travel Reimb. For Federal Members*$126.00Est Travel Reimb For Fed Members*$0.00
Travel Reimb. For Federal Staff*$0.00Est. Travel Reimb to Fed Staff Next FY*$1,000.00
Travel Reimb. For Consultants*$0.00Est Travel Reimb to Consultants Next FY*$0.00
Other Costs$33,758.00Est. Other Costs Next FY*$50,000.00
Total Costs$100,864.00Est. Total Next FY*$127,635.00
Federal Staff Support (FTE)*0.80Est. Fed Staff Support Next FY*0.80
Cost RemarksTravel costs were reduced for 2020 due to cancelation of planned March 2020 Meeting and June Meeting was held virtually.Est Cost Remarks
Hide Section - Interest Areas

Interest Areas

Category
Area
Business
Industry
Manufacturing
Small Business
Computer Technology
Applications
Computers
Information Technology
Internet
Semiconductors
Systems Engineering
Technology
Data
Data Integrity
Data Quality
Privacy
Government
Federal Government
Internal Federal Government
Research
Research and Development
Science and Technology
Innovation
Science and Technology
Hide Section - MEMBERS,MEETINGS AND ADVISORY REPORTS

MEMBERS,MEETINGS AND ADVISORY REPORTS

To View all the members, meetings and advisory reports for this committee please click here
Hide Section - CHARTERS AND RELATED DOCS

CHARTERS AND RELATED DOCS

No Documents Found
Hide Section - DATA FROM PREVIOUS YEARS

DATA FROM PREVIOUS YEARS

Committee

Data from Previous Years

 
ActionCommittee System IDCommittee NameFiscal Year
 COM-035849Information Security and Privacy Advisory Board2019
 COM-034277Information Security and Privacy Advisory Board2018
 COM-001306Information Security and Privacy Advisory Board2017
 COM-002928Information Security and Privacy Advisory Board2016
 COM-003498Information Security and Privacy Advisory Board2015
 COM-005061Information Security and Privacy Advisory Board2014
 COM-005566Information Security and Privacy Advisory Board2013
 COM-007236Information Security and Privacy Advisory Board2012
 COM-007662Information Security and Privacy Advisory Board2011
 COM-009393Information Security and Privacy Advisory Board2010
 COM-009749Information Security and Privacy Advisory Board2009
 COM-011327Information Security and Privacy Advisory Board2008
 COM-011591Information Security and Privacy Advisory Board2007
 COM-013142Information Security and Privacy Advisory Board2006
 COM-013487Information Security and Privacy Advisory Board2005
 COM-015066Information Security and Privacy Advisory Board2004
 COM-015372Information Security and Privacy Advisory Board2003
 COM-017027Computer System Security and Privacy Advisory Board2002
 COM-017315Computer System Security and Privacy Advisory Board2001
 COM-019016Computer System Security and Privacy Advisory Board2000
 COM-019230Computer System Security and Privacy Advisory Board1999
 COM-020934Computer System Security and Privacy Advisory Board1998
 COM-021157Computer System Security and Privacy Advisory Board1997