We welcome and encourage comments from all interested stakeholders. The proposals include: Cybersecurity Supply Chain Risk Management Work Role (new OG-WRL-017) Risk Management Work Role (new OG-WRL-018) Learning Program Management Work Role (new OG-WRL-019) Cryptography Competency Area (NF-COM-006) DevSecOps Competency Area (NF-COM-008) These proposed updates reflect the NICE Program Office’s commitment to maintaining the NICE Framework’s relevance to current cybersecurity practices through the active input of subject matter experts as well as the broader community of cybersecurity practitioners and educators. WE WANT TO HEAR FROM YOU! NICE welcomes comments on the proposed updates from all interested parties. Comments received by the February 2, 2026 deadline will be acknowledged by email. Comments will be reviewed and adjudicated, and feedback received during this comment period will be used to inform any necessary updates to the relevant proposed Components. Final updates will be incorporated in the next release of the NICE Framework Components. Take the following steps to share your feedback: Visit the NICE Framework Resource Center Public Comments page to access and review the proposed update spreadsheets Submit comments to NICEFramework@nist.gov by 11:59 pm ET on Monday, February 2, 2026 Join the NICE Framework Users Group to participate in community discussions! |