Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Other (Initial Preliminary Draft)

NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management

Date Published: September 9, 2019
Comments Due: October 24, 2019 (public comment period is CLOSED)
Email Questions to:


National Institute of Standards and Technology


NIST seeks comments on the Preliminary Draft of the "NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management" (“Preliminary Draft”). The Preliminary Draft was developed by NIST using information collected through the Request for Information (RFI) that was published in the Federal Register on November 14, 2018, and a series of open public workshops and webinars. NIST developed the Preliminary Draft in collaboration with public and private stakeholders. It is intended for voluntary use to help organizations:

  • better identify, assess, manage, and communicate privacy risks when designing or deploying systems, products, and services;
  • foster the development of innovative approaches to protecting individuals' privacy; and
  • increase trust in systems, products, and services.



enterprise security; privacy framework; risk management
Control Families

None selected


Security and Privacy

privacy, risk management