NIST SP 800-181

United States

vRev 1

11 domains

38 controls

NICE Cybersecurity Workforce Framework - defines categories, specialty areas, and work roles for the cybersecurity workforce

Verified

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (11)

Applying the NICE Framework

2 controls

Controls in the Applying the NICE Framework domain of NIST SP 800-181 — 2 controls
Code	Title	Description
NICE.APP.EDU	Education and Training Alignment	Use the NICE Framework to align education, training, and credentialing programs to ensure they prepare individuals for t...
NICE.APP.PLAN	Workforce Planning Application	Use the NICE Framework to support workforce planning including identifying current workforce capability, projecting futu...

Knowledge Skills and Abilities

2 controls

Controls in the Knowledge Skills and Abilities domain of NIST SP 800-181 — 2 controls
Code	Title	Description
NICE.KSA.K	Knowledge Items Tracking	Track and assess knowledge items that NICE work roles require including knowledge of cybersecurity principles, threats,...
NICE.KSA.S	Skill Items Tracking	Track and assess skill items that NICE work roles require demonstrating proficiency in applying knowledge to perform cyb...

NICE Framework Categories

7 controls

Controls in the NICE Framework Categories domain of NIST SP 800-181 — 7 controls
Code	Title	Description
NICE.CAT.AN	Analyze Category Adoption	Adopt the Analyze category which performs highly specialized review and evaluation of incoming cybersecurity information...
NICE.CAT.CO	Collect and Operate Category Adoption	Adopt the Collect and Operate category which provides specialized denial and deception operations and collection of cybe...
NICE.CAT.IN	Investigate Category Adoption	Adopt the Investigate category which investigates cybersecurity events or crimes related to information technology syste...
NICE.CAT.OM	Operate and Maintain Category Adoption	Adopt the Operate and Maintain category which provides the support, administration, and maintenance necessary to ensure...
NICE.CAT.OV	Oversee and Govern Category Adoption	Adopt the Oversee and Govern category which provides leadership, management, direction, or development and advocacy for...
NICE.CAT.PR	Protect and Defend Category Adoption	Adopt the Protect and Defend category which identifies, analyzes, and mitigates threats to internal information technolo...
NICE.CAT.SP	Securely Provision Category Adoption	Adopt the Securely Provision category which covers work roles responsible for conceptualizing, designing, procuring, and...

NICE Work Roles

9 controls

Controls in the NICE Work Roles domain of NIST SP 800-181 — 9 controls
Code	Title	Description
NICE.WR.CRM	Cyber Legal Advisor Work Role	Designate Cyber Legal Advisor work role that provides legal advice and recommendations on relevant topics related to cyb...
NICE.WR.IRR	Cyber Defense Incident Responder Work Role	Designate Cyber Defense Incident Responder work role that investigates, analyzes, and responds to cyber incidents within...
NICE.WR.ISO	Information Systems Security Manager Work Role	Designate Information Systems Security Manager work role that is responsible for the cybersecurity of a program, organiz...
NICE.WR.PME	Cyber Workforce Developer and Manager Work Role	Designate Cyber Workforce Developer and Manager work role that develops cyberspace workforce plans, strategies, and guid...
NICE.WR.SAA	Security Control Assessor Work Role	Designate Security Control Assessor work role that conducts independent comprehensive assessments of the management, ope...
NICE.WR.SAR	Security Architect Work Role	Designate Security Architect work role that ensures the stakeholder security requirements necessary to protect the organ...
NICE.WR.SDA	Systems Developer Work Role	Designate Systems Developer work role with responsibility for developing, creating, modifying, and maintaining computer...
NICE.WR.SOA	Cyber Defense Analyst Work Role	Designate Cyber Defense Analyst work role that uses data collected from a variety of cyber defense tools to analyze even...
NICE.WR.VAM	Vulnerability Assessment Analyst Work Role	Designate Vulnerability Assessment Analyst work role that performs assessments of systems and networks within the networ...

NIST SP 800-181: Access Control

5 controls

Logical and physical access controls (NIST SP 800-181)

Controls in the NIST SP 800-181: Access Control domain of NIST SP 800-181 — 5 controls
Code	Title	Description
NICE-CAT-CO	Category: Collect and Operate (CO)	Provides specialized denial and deception operations and collection of cybersecurity information that may develop intell...
NICE-CAT-IN	Category: Investigate (IN)	Investigates cybersecurity events or crimes related to information technology systems, networks, and digital evidence.
NICE-WM-EDUCATE	Workforce Management: Educate and Train	Align education and training offerings to the KSAs and tasks of specific work roles to close capability gaps.
NICE-WM-IDENTIFY	Workforce Management: Identify Workforce Needs	Identify cybersecurity workforce needs by using the NICE Framework to inventory and categorize the work performed and th...
NICE-WM-RECRUIT	Workforce Management: Recruit and Hire Talent	Use the NICE Framework to write clearer position descriptions and assess candidates against work-role tasks and KSAs.

NIST SP 800-181: Asset Management

5 controls

Information asset management (NIST SP 800-181)

Controls in the NIST SP 800-181: Asset Management domain of NIST SP 800-181 — 5 controls
Code	Title	Description
NICE-CAT-AN	Category: Analyze (AN)	Performs highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for...
NICE-CAT-OM	Category: Operate and Maintain (OM)	Provides the support, administration, and maintenance necessary to ensure effective and efficient IT system performance...
NICE-CAT-OV	Category: Oversee and Govern (OV)	Provides leadership, management, direction, and advocacy so the organization may effectively conduct cybersecurity work.
NICE-CAT-PR	Category: Protect and Defend (PR)	Identifies, analyzes, and mitigates threats to internal IT systems and/or networks.
NICE-CAT-SP	Category: Securely Provision (SP)	Conceptualizes, designs, procures, and builds secure information technology systems, with responsibility for system and/...

NIST SP 800-181: Communications Security

0 controls

Network and communications security (NIST SP 800-181)

NIST SP 800-181: Cryptography

2 controls

Cryptographic controls (NIST SP 800-181)

Controls in the NIST SP 800-181: Cryptography domain of NIST SP 800-181 — 2 controls
Code	Title	Description
NICE-COMPETENCIES	Competencies	Mechanisms for organizations to assess learners and employees on groups of related KSAs aligned to work roles.
NICE-WM-RETAIN	Workforce Management: Retain and Develop	Use the NICE Framework to define career paths and professional development for retaining highly skilled cybersecurity ta...

NIST SP 800-181: Information Security Policies

5 controls

Organizational information security policies (NIST SP 800-181)

Controls in the NIST SP 800-181: Information Security Policies domain of NIST SP 800-181 — 5 controls
Code	Title	Description
NICE-COMP-CATEGORIES	Component: Categories	A high-level grouping of common cybersecurity functions; the seven categories organize the NICE Framework.
NICE-COMP-KSA	Component: Knowledge, Skills, and Abilities (KSAs)	The attributes required to perform tasks, generally demonstrated through relevant experience, education, or training.
NICE-COMP-SPECIALTY	Component: Specialty Areas	Distinct areas of cybersecurity work within each category.
NICE-COMP-TASKS	Component: Tasks	The specific work activities a cybersecurity worker performs within a work role.
NICE-COMP-WORKROLES	Component: Work Roles	The most detailed grouping of cybersecurity work, comprised of specific knowledge, skills, abilities, and tasks required...

NIST SP 800-181: Operations Security

0 controls

Secure operations and monitoring (NIST SP 800-181)

Tasks

1 controls

Controls in the Tasks domain of NIST SP 800-181 — 1 controls
Code	Title	Description
NICE.TASK	Task Statements Adoption	Adopt NICE task statements that describe specific work activities each role is expected to perform with clear task ident...

Maps to 1 other framework

38 total controls

NIST SP 800-53 Rev 5

17 source controls mapped|3 target controls covered

45%

Compare NIST SP 800-181 with NIST SP 800-53 Rev 5

Frequently Asked Questions

What is NIST SP 800-181?

NIST SP 800-181 is a compliance framework from United States with 11 domains and 38 controls. NICE Cybersecurity Workforce Framework - defines categories, specialty areas, and work roles for the cybersecurity workforce It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does NIST SP 800-181 have?

NIST SP 800-181 has 38 controls organised across 11 domains. The largest domains are NICE Work Roles (9 controls), NICE Framework Categories (7 controls), NIST SP 800-181: Access Control (5 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does NIST SP 800-181 map to?

NIST SP 800-181 maps to 1 other compliance frameworks. The top mapping partners are NIST SP 800-53 Rev 5 (45% coverage). Use our comparison tool to explore control-level mappings between frameworks.

How do I get started with NIST SP 800-181 compliance?

Start your NIST SP 800-181 compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about NIST SP 800-181 requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 38 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 701 frameworks.

Get Started Free →

Free forever — no credit card required