It pays to be prepared.

Align Your Program With the NIST Privacy Framework ​

The NIST Privacy Framework is a tool developed by the National Institutes of Standards and Technology to help organization manage privacy risks. It was published in 2020 as a companion to the NIST Cybersecurity Framework which is a tool for organizations to manage cybersecurity risks. The Privacy Framework can be a dense document for those first approaching it. 

NIST uses very unique verbiage and jargon that may not be familiar to even the most seasoned privacy professionals. While strongly recommended for those organization already implementing the NIST Cybersecurity Framework, the Privacy Framework can be used by any organization that wants to improve their privacy posture. The Privacy Framework has three components: the CORE, PROFILES and IMPLEMENTATION TIERS

Your NIST Privacy Framework Consultants

Few other consultants have the requisite knowledge and skill to properly apply the framework. Enterprivacy Consulting Group’s R. Jason Cronk has been intimately involved in the framework’s development: 

  • Instrumental in the initial drafting, participating stakeholder workshops and providing copious comments on early drafts.
  • Worked with one of the early adopters to align their program to the framework even before final release.
  • Contributed the GDPR to NIST Privacy Framework crosswalk.
  • Active and frequent participant in the Privacy Workforce Working Group to define TKS (Task, Knowledge and Skill) statements for each outcome in the framework.
  • Authoring a new book coming 2024!

"I may not have gone where I intended to go, but I think I have ended up where I needed to be."

Douglas Adams, The Long Dark Tea-Time of the Soul (1988)


As one of the foremost experts on the NIST Privacy Framework, you can have us on speed dial. Whether you need an on-demand expert to answer your burning questions or want to regularly consult with us on a weekly or monthly basis and have us review your plans, provide commentary or answer NIST specific questions, we have an option for you.

Third party assessments help an organization gauge how they are doing and what  they can be doing better. Many companies, leveraging the reputation of NIST,  want an assessment against the Privacy Framework, but the framework is not a conformance standard, and requires customization before an assessment can be conducted.

If you want to go to the next level and get full blown implementation assistance, look no further! We follow a 5 Step Process to Success:

  1. Begin with the End in Mind
  2. Develop your Target Profile
  3. Find your Current State
  4. Bridge the Gap
  5. Roadmap to Success


A knowledgeable and skilled workforce is a key to success in your privacy and cybersecurity program. NIST is in the process of revising their Special Publication 800-50  for how to create and operate a Cybersecurity and Privacy Learning Program. Training is one of Enterprivacy Consulting Group’s strengths and we can help you create a successful learning program for cybersecurity and privacy.

Implementation of the NIST Privacy Framework can be challenging. If you’re just beginning your journey, we recommend first you head over to our training. We offer the most comprehensive training in the world on the NIST Privacy Framework. From introductory online courses to intensives and practicums, we can even customize training to your team if you need it!

In addition to our highly specialized consulting services, we offer an abundance of resources to help you enhance your understanding of fundamental NIST privacy concepts and support your organization’s improved privacy program.

Schedule a Consultation

Privacy should always be a guarantee… together we can make it so! Your contact information will only be used to discuss potential services with you.