Friday, July 21, 2023

NIST Privacy Framework Maturity Model

The NIST Privacy Framework (PF) is an interesting model for building and assessing a formalized privacy program. Sure - I agree - it's not as detailed as what can be found on ARMA, but it's familiarity with the NIST Cybersecurity Framework (CSF) makes it approachable and easier to share with stakeholders. 

This important distinction can help drive interest and stakeholder involvement.

The implementation of any model or checklist is only useful as a point in time assessment, and finding a way to extrapolate quantifiable growth is the key to successful implementation and gaining value from the effort. 

And so - along those lines - please enjoy access to a free tool for measuring your privacy framework as it stands currently versus your desired state during the next periodic timetable you choose to set. 

It's unlocked. Use as you see fit: Blog Downloads ( or davischr2/Cloud-Documents (

Cross posted on LinkedIn: NIST Privacy Framework Maturity Model | LinkedIn