would be responsible for the creation of standards and guidelines on secure software development for application by government, industry, and academia.
6. The ITL and the Software and Systems Division should reconsider the SSD mission statement, given the fresh focus of the new leadership, and after the SSD strategic planning process is complete.
7. The ITL and the Software and Systems Division should hire additional formally trained individuals in the SSD’s core foundational areas.
8. The Information Access Division (IAD) supports the development of technologies and their transition into the commercial marketplace as well as government applications. The division currently relies on substantial and sustained amounts of other agency (OA) funding (approximately 60 percent of IAD funding). Most of the OA funding is security-related (from the Department of Homeland Security, the Department of Defense, the Federal Bureau of Investigation, and the Intelligence Advanced Research Projects Activity). The reports, standards, and evaluation studies of the IAD are closely followed by academia and industry. In light of increasing foreign dominance of the biometric industry, IAD’s reliance on OA funding, and IAD’s work in support of biometrics technology development, it is important that the IAD and the ITL remain mindful of the NIST mission to promote U.S. innovation and industrial competitiveness, and so IAD efforts should continue to place highest priority on the needs of the nation’s commerce even while pursuing activities involving international sponsors.
9. The ITL should review the approval process of the Institutional Review Board6 to maximize the efficiency of the process and minimize unnecessary latency.
6 See http://www.hhs.gov/ohrp/humansubjects/commonrule/. Accessed July 11, 2011. The Office for Human Research Protections at the Department of Health and Human Services provides oversight for the protection of human subjects in research through the regulations that are spelled out for Institutional Review Boards in the so-called Common Rule (45 C.F.R. 46).