Draft NIST IR 8355 1 2 NICE Framework Competencies: 3 Assessing Learners for Cybersecurity Work 4 5 Karen A. Wetzel 6 7 8 9 10 This publication is available free of charge from: 11 https://doi.org/10.6028/ NIST.IR.8355- draft 12 13 14 15 Draft NISTIR 8355 16 17 NICE Framework Competencies: 18 Assessing Learners for Cybersecurity Work 19 20 Karen A. Wetzel 21 (Manager of the NICE Framework) 22 National Initiative for Cybersecurity Education (NICE) 23 Applied Cybersecurity Division 24 Information Technology Laboratory 25 26 27 28 29 30 31 This publication is available free of charge from: 32 https://doi.org/10.6028/ NIST.IR.8355- draft 33 34 35 March 2021 36 37 38 39 40 41 U.S. Department of Commerce 42 Gina Raimondo , Secretary 43 44 National Institute of Standards and Technology 45 James K. Olthoff , Performing the Non -Exclusive Functions and Duties of the Under Secretary of Commerce 46 for Standards and Technology & Director, National Institute of Standards and Technology 47 National Institute of Standards and Technology Interagency or Internal Report 8355 48 18 pages ( March 2021 ) 49 This publication is available free of charge from: 50 https://doi.org/10.6028/ NIST.IR.8355 -draft 51 Certain commercial entities, equipment, or materials may be identified in this document in order to describe an 52 experimental procedure or concept adequatel y. Such identification is not intended to imply recommendation or 53 endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best 54 available for the purpose. 55 There may be references in this publication t o other publications currently under development by NIST in accordance 56 with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, 57 may be used by f ederal agencies even before the completion of such companion publications. Thus, until each 58 publication is completed, current requirements, guideline s, and procedures, where they exist, remain operative. For 59 planning and transition purposes, f ederal agencies may wish to closely follow th e development of these new 60 publications by NIST. 61 Organizations are encouraged to review all draft publications during public comment periods and provide feedback to 62 NIST. Many NIST cybersecurity publications , ot her than the ones noted above, are available at 63 https://csrc.nist.gov/publications . 64 65 Public comment period: March 17, 2021 through May 3, 2021 66 National Institute of Standards and Technology 67 Attn: Applied Cybersecurity Division, Information Technology Laboratory 68 100 Bureau Drive (Mail Stop 2000) Gaithersburg, MD 20899 -2000 69 Email: NICEFramework@nist.gov 70 All comments are subject to release under the Freedom of Information Act (FOIA). 71 72 NISTIR 8355 (DRAFT) NICE FRAMEWORK COMPETENCIES : ASSESSING LEARNERS FOR CYBERSECURITY WORK ii Reports on Computer Systems Technology 73 The Information Technology Laboratory (ITL) at the National Institute of Standards and 74 Technology (NIST) promotes the U.S. economy and public welfare by providing technical 75 leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test 76 methods, reference data, proof of concept implementations, and technical analyses to advance the 77 development and productive use of information technol ogy. ITL’s responsibilities include the 78 development of management, administrative, technical, and physical standards and guidelines for 79 the cost -effective security and privacy of other than national s ecurity -related information in f ederal 80 informa tion syste ms. 81 Abstract 82 This publication from the National Initiative for Cybersecurity Education (NICE) describes 83 Competencies as included in the Workforce Framework for