Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Security and Privacy Advisory Board ISPAB


In January 1988, the Congress enacted the Computer Security Act of 1987 (Public Law 100-235). A provision of that law called for the establishment of the Computer System Security and Privacy Advisory Board (CSSPAB) within the Department of Commerce. In accordance with the Federal Advisory Committee Act, as amended, 5 U.S.C., App., the Board was chartered in May 1988. In December 2002, Public Law 107-347, The E-Government Act of 2002, Title III, the Federal Information Security Management Act of 2002, Section 21 of the National Institute of Standards and Technology Act (15 U.S.C. 278g-4) amended the charter statutory authority of the Board and renamed it the Information Security and Privacy Advisory Board (ISPAB).

Current Charter

The National Institute of Standards and Technology (NIST) invites and requests nominations of individuals for appointment to the ISPAB. See the Federal Register Notice (FRN) for instructions.

Scope and Objectives --

  • Identify emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy;
  • Advise the National Institute of Standards and Technology (NIST), the Secretary of the Department of Homeland Security (DHS), and the Director of the Office of Management and Budget (OMB) on information security and privacy issues pertaining to Federal Government information systems, including through review of proposed standards and guidelines developed by NIST.
  • Annually report its findings to the Director of NIST, the Secretary of Commerce, the Secretary of the Department of Homeland Security, the Director of the OMB, the Director of the National Security Agency, and the appropriate committees of the Congress.

The Board's authority does not extend to private sector systems or federal systems which process classified information. 

The Director of NIST shall appoint the chairperson and the additional twelve members of the Board, for a total of thirteen members. The Board meets quarterly throughout the year and all meetings are open to the public. The Board invites public comments on its activities and the objectives the Board should undertake. Comments can be directed to Matthew Scholl.

For further information on the activities of the Board, Matthew Scholl.



Mr. Matthew Scholl - NIST

Jeff Brewer


Security and Privacy: general security & privacy

Laws and Regulations: E-Government Act

Activities and Products: groups

Created May 24, 2016, Updated May 15, 2024