457

457 (NIST ID: T0032)

Task

Conduct Privacy Impact Assessments (PIA) of the application’s security design for the appropriate security controls, which protect the confidentiality and integrity of Personally Identifiable Information (PII).

Items denoted by a * are CORE KSATs for every Work Role, while other CORE KSATs vary by Work Role.


Core KSAT for the following Work Roles

Information Systems Security Developer (Core) ID: 631 (NIST ID: SP-SYS-001) Category/Specialty Area: Securely Provision / Systems Development
Workforce Element: Cybersecurity

Designs, develops, tests, and evaluates information system security throughout the systems development lifecycle.

Privacy Compliance Manager (Core) ID: 732 (NIST ID: OV-LG-002) Category/Specialty Area: Oversee & Govern / Legal Advice and Advocacy
Workforce Element: Cyberspace Enablers / Leadership

Develops and oversees privacy compliance program and privacy program staff, supporting privacy compliance needs of privacy and security executives and their teams.

Additional KSAT for the following Work Roles

Security Control Assessor (Additional) ID: 612 (NIST ID: SP-RM-002) Category/Specialty Area: Securely Provision / Risk Management
Workforce Element: Cybersecurity

Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST 800-37).