Information Security and Privacy Advisory Board

From FISMApedia
Jump to: navigation, search

The Information Security and Privacy Advisory Board (ISPAB) was originally created by the Computer Security Act of 1987 (P.L. 100-235) as the Computer System Security and Privacy Advisory Board. As a result of Public Law 107-347, The E-Government Act of 2002, Title III, The Federal Information Security Management Act of 2002, the Board's name was changed and its mandate was amended.


  • Identify emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy;
  • Advise the National Institute of Standards and Technology (NIST), the Secretary of Commerce and the Director of the Office of Management and Budget on information security and privacy issues pertaining to Federal Government information systems, including thorough review of proposed standards and guidelines developed by NIST.
  • Annually report its findings to the Secretary of Commerce, the Director of the Office of Management and Budget, the Director of the National Security Agency and the appropriate committees of the Congress.

The Board's authority does not extend to private sector systems or federal systems which process classified information. Their objectives and duties include:

The membership of the Board consists of twelve members and a Chairperson. The Director of NIST approves membership appointments and appoints the Chairperson. The Board meets quarterly throughout the year and all meetings are open to the public. The Board invites public comments on its activities and the objectives the Board should undertake.

External links