In September 2017, this (legacy) site will be replaced with the new site you can see at beta.csrc.nist.rip. At that time, links to this legacy site will be automatically redirected to apporpriate links on the new site.

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

Quick links

Follow ISPAB:

facebook logo Facebook

youtube logo Youtube

twitter logo Twitter

rss icon RSS Feeds

Information Security and Privacy Advisory Board (ISPAB)

In January 1988, the Congress enacted the Computer Security Act of 1987 (Public Law 100-235). A provision of that law called for the establishment of the Computer System Security and Privacy Advisory Board (CSSPAB) within the Department of Commerce. In accordance with the Federal Advisory Committee Act, as amended, 5 U.S.C., App., the Board was chartered in May 1988. In December 2002, Public Law 107-347, The E-Government Act of 2002, Title III, the Federal Information Security Management Act of 2002, amended Section 21 of the National Institute of Standards and Technology Act (15 U.S.C. 278g-4), the charter statutory authority of the Board, and renamed it the Information Security and Privacy Advisory Board (ISPAB). Section 21 of the National Institute of Standards and Technology Act was amended again in December 2014 by the Federal Information Security Modernization Act of 2014, Public Law 113-283, to specify that the ISPAB should advise the Secretary of Homeland Security in addition to NIST and the Director of the Office of Management and Budget

Scope/Objectives:

  • Identify emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy;
  • Advise the National Institute of Standards and Technology (NIST), the Secretary of Homeland Security, the Secretary of Commerce and the Director of the Office of Management and Budget on information security and privacy issues pertaining to Federal Government information systems, including thorough review of proposed standards and guidelines developed by NIST.
  • Annually report its findings to the Secretary of Commerce, the Secretary of Homeland Security, the Director of the Office of Management and Budget, the Director of the National Security Agency and the appropriate committees of the Congress.

The Board's authority does not extend to private sector systems or federal systems which process classified information. 

The membership of the Board consists of twelve members and a Chairperson. The Secretary of Commerce appoints the Chairperson, and the Director of NIST will appoint all Board members. The Board meets quarterly throughout the year and all meetings are open to the public. The Board invites public comments on its activities and the objectives the Board should undertake. Comments can be directed to Matthew Scholl.

The following are congressional oversight committees for ISPAB:

  • Senate Committee on Commerce, Science and Transportation
  • Senate Committee on Finance
  • Senate Committee on Homeland Security & Governmental Affairs
  • House Committee on Science, Space, and Technology
  • House Committee on Energy and Commerce

For further information on the activities of the Board, Matthew Scholl.