Privacy Impact Assessment (PIA) Program (RA-8)

Have Questions?
Talk to an ASP Expert at 703-254-3202

Description: NIST RMF program document detailing the requirements relating to a Privacy Impact Assessment (PIA) as described in RA-6 of NIST SP 800-53, Revision 5. The PIA includes the following sections:

  • SECTION I - GENERAL INFORMATION
  • SECTION II - PII IN THE SYSTEM
  • SECTION III - ATTRIBUTES OF THE DATA (USE AND ACCURACY)
  • SECTION IV - SHARING PRACTICES
  • SECTION V - NOTICE TO INDIVIDUALS TO DECLINE/CONSENT USE
  • SECTION VI - ACCESS TO DATA
  • SECTION VII - PRIVACY ANALYSIS

Specifications: Developed in accordance with NIST SP 800-53, Revision 5 (12-10-2020), and other related security control frameworks, where applicable.

Control Family: Risk Assessment (RA).

Control Mapping: RA-8.

Security Control Baseline Coverage: Includes coverage for all LOW, MOD, and HIGH Baselines, per NIST SP 800-53B (12-10-2020).

Direct Compliance Use: FISMA, FedRAMP, NISP eMASS RMF, and other related NIST RMF reporting requirements for security and privacy. Can be used for mapping to DFARS NIST 800-171 and CMMC controls, where applicable.

Format: MS Word document (.docx).

Length: 19 pages.

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.


What Our Customers Are Saying


Companies Who Trust Us