homepage
Open menu
SANS_Headers_-_Nice_Framework2.jpg

Oversee and Govern

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.
NICE Framework
Legal Advice and AdvocacyTraining, Education, and AwarenessCybersecurity ManagementStrategic Planning and PolicyExecutive Cyber LeadershipAcquisition and Program/Project Management

Legal Advice and Advocacy (LGA)

Legal Advice and Advocacy provides legally sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain. Advocates legal and policy changes, and makes a case on behalf of client via a wide range of written and oral work products, including legal briefs and proceedings.

Training, Education, and Awareness (TEA)

Training, Education, and Awareness conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.

Cybersecurity Management (MGT)

Cybersecurity Management oversees the cybersecurity program of an information system or network; including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources.

Strategic Planning and Policy (SPP)

Strategic Planning and Policy develops policies and plans and/or advocates for changes in policy that supports organizational cyberspace initiatives or required changes/enhancements.

Executive Cyber Leadership (EXL)

Executive Cyber Leadership supervises, manages, and/or leads work and workers performing cyber and cyber-related and/or cyber operations work.

Program/Project Management (PMA) and Acquisition

Program/Project Management and Acquisition applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs. Executes duties governing hardware, software, and information system acquisition programs and other program management policies. Provides direct support for acquisitions that use information technology (IT) (including National Security Systems), applying IT-related laws and policies, and provides IT-related guidance throughout the total acquisition life-cycle.