457

457 (NIST ID: T0032)

Task

Conduct Privacy Impact Assessments (PIA) of the application’s security design for the appropriate security controls, which protect the confidentiality and integrity of Personally Identifiable Information (PII).

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

Information Systems Security Developer (Core) ID: 631 (NIST ID: SP-SYS-001) Workforce Element: Cybersecurity

Designs, develops, tests, and evaluates information system security throughout the systems development lifecycle.

Privacy Compliance Manager (Core) ID: 732 (NIST ID: OV-LG-002) Workforce Element: Cyberspace Enablers / Leadership

Develops and oversees privacy compliance program and privacy program staff, supporting privacy compliance needs of privacy and security executives and their teams.

Additional KSAT for the following Work Roles

Security Control Assessor (Additional) ID: 612 (NIST ID: SP-RM-002) Workforce Element: Cybersecurity

Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST 800-37).