[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[S. 3792 Introduced in Senate (IS)]

<DOC>






118th CONGRESS
  2d Session
                                S. 3792

  To expand the functions of the National Institute of Standards and 
 Technology to include workforce frameworks for critical and emerging 
  technologies, to require the Director of the National Institute of 
    Standards and Technology to develop an artificial intelligence 
 workforce framework, and periodically review and update the National 
    Initiative for Cybersecurity Education Workforce Framework for 
                 Cybersecurity, and for other purposes.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

             February 8 (legislative day, February 7), 2024

Mr. Peters (for himself and Mr. Schmitt) introduced the following bill; 
    which was read twice and referred to the Committee on Commerce, 
                      Science, and Transportation

_______________________________________________________________________

                                 A BILL


 
  To expand the functions of the National Institute of Standards and 
 Technology to include workforce frameworks for critical and emerging 
  technologies, to require the Director of the National Institute of 
    Standards and Technology to develop an artificial intelligence 
 workforce framework, and periodically review and update the National 
    Initiative for Cybersecurity Education Workforce Framework for 
                 Cybersecurity, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Technology Workforce Framework Act 
of 2024''.

SEC. 2. WORKFORCE FRAMEWORKS FOR CRITICAL AND EMERGING TECHNOLOGIES.

    (a) Definitions.--
            (1) In general.--In this section, the terms 
        ``competencies'', ``workforce categories'', and ``workforce 
        framework'' have the meanings given such terms in subsection 
        (f) of section 2 of the National Institute of Standards and 
        Technology Act (15 U.S.C. 272), as added by subsection (b) of 
        this section.
            (2) Amendment to nist act.--Section 2 of such Act (15 
        U.S.C. 272) is amended by adding at the end the following:
    ``(f) Definitions.--In this section:
            ``(1) Competencies.--The term `competencies' means 
        knowledge and skills.
            ``(2) Workforce categories.--The term `workforce 
        categories' means a high-level grouping of tasks that are 
        performed by workers within an organization.
            ``(3) Workforce framework.--The term `workforce framework' 
        means a common taxonomy and lexicon for any given domain that 
        includes the building blocks of tasks, knowledge, or skills 
        that can be structured to form work roles or competency 
        areas.''.
    (b) Expansion of Functions of Director of National Institute of 
Standards and Technology To Include Workforce Frameworks for Critical 
and Emerging Technologies.--Section 2(b) of such Act (15 U.S.C. 272(b)) 
is amended--
            (1) in paragraph (12), by striking ``; and'' and inserting 
        a semicolon;
            (2) in paragraph (13), by striking the period at the end 
        and inserting ``; and''; and
            (3) by adding at the end the following:
            ``(14)(A) to develop, maintain, and provide industry, 
        government, research, nonprofit, and educational institutions 
        with workforce frameworks for critical and emerging 
        technologies and other science, technology, engineering, and 
        mathematics domains for the purpose of bolstering scientific 
        and technical education, training, and workforce development;
            ``(B) at least once every 3 years--
                    ``(i) to determine if an update to any workforce 
                framework, or its components or associated materials, 
                including work roles or competency areas, provided 
                pursuant to subparagraph (A) are appropriate; and
                    ``(ii) if the Director determines it is appropriate 
                under clause (i), to update such frameworks and 
                components;
            ``(C) consider including in all workforce frameworks, or 
        associated materials--
                    ``(i) relevant professional skills or employability 
                skills;
                    ``(ii) relevant support or operations skills or 
                workforce categories, work roles, and competency areas 
                such as administration and finance, law and policy, 
                ethics, privacy, human resources, information 
                technology, operational technology, supply chain 
                security, and acquisition and procurement;
                    ``(iii) information for how individuals with 
                nontechnical or other nontraditional backgrounds and 
                education may utilize their skills for work roles or 
                tasks in such frameworks;
                    ``(iv) distinctions between certifications, 
                certificates, and degrees, including--
                            ``(I) the importance of each;
                            ``(II) how each should be used; and
                            ``(III) where each one is most beneficial; 
                        and
                    ``(v) methods for validation of skills;
            ``(D) consult, as the Director considers appropriate, with 
        Federal agencies, industry, State, local, Tribal, and 
        territorial government, nonprofit, research, and academic 
        institutions in the development of workforce frameworks, or 
        associated materials;
            ``(E) to produce resources in multiple languages to support 
        global adoption of the frameworks provided pursuant to 
        subparagraph (A); and
            ``(F) after each determination under subparagraph (B), to 
        submit to Congress a report on such determination and any plans 
        to review and update any workforce frameworks under this 
        paragraph.''.
    (c) NICE Workforce Framework for Cybersecurity Update.--
            (1) Report on updates.--
                    (A) In general.--Not later than 180 days after the 
                date of the enactment of this Act, and subsequently 
                pursuant to paragraph (14)(F) of section (2)(b) of the 
                National Institute of Standards and Technology Act (15 
                U.S.C. 272(b)), as added by subsection (b) of this 
                section, the Director of the National Institute of 
                Standards and Technology shall submit to Congress a 
                report that describes the process for ongoing review 
                and updates to the National Initiative for 
                Cybersecurity Education Workforce Framework for 
                Cybersecurity (NIST Special Publication 800-181), or a 
                successor framework.
                    (B) Requirements.--Each report submitted pursuant 
                to subparagraph (A) shall--
                            (i) summarize proposed changes to the 
                        framework;
                            (ii) identify, with regard to the work 
                        roles, tasks, knowledge, and skills included in 
                        the framework, how industry, academia, and 
                        relevant government agencies are consulted in 
                        the update; and
                            (iii) describe--
                                    (I) the ongoing process and 
                                timeline for updating the framework; 
                                and
                                    (II) the incorporation of any 
                                additional work roles or competency 
                                areas in domains such as administration 
                                and finance, law and policy, ethics, 
                                privacy, human resources, information 
                                technology, operational technology, 
                                supply chain security, and acquisition 
                                and procurement.
            (2) Report on application and use of nice framework.--Not 
        later than 3 years after the date of the enactment of this Act 
        and not less frequently than once every 3 years thereafter for 
        9 years, the Director shall, in consultation with industry, 
        government, nonprofit, research, and academic institutions, 
        submit to Congress a report that identifies--
                    (A) applications and uses of the framework 
                described in paragraph (1)(A) in practice;
                    (B) any guidance that the program office of the 
                National Initiative for Cybersecurity Education 
                provides to increase adoption by employers and 
                education and training providers of the work roles and 
                competency areas for individuals who perform 
                cybersecurity work at all proficiency levels;
                    (C) available information regarding employer and 
                education and training provider use of the framework;
                    (D) an assessment of the use and effectiveness of 
                the framework by and for individuals with 
                nontraditional backgrounds or education, especially 
                individuals making a career change or not pursuing a 
                bachelor's degree or higher; and
                    (E) any additional actions taken by the Director to 
                increase the use of the framework.
            (3) Cybersecurity career exploration resources.--The 
        Director, acting through the National Initiative for 
        Cybersecurity Education, shall disseminate cybersecurity career 
        resources for all age groups, including kindergarten through 
        secondary and postsecondary education and adult workers.
    (d) Additional Workforce Frameworks.--
            (1) Framework assessment.--Not later than 180 days after 
        the date of the enactment of this Act, the Director shall 
        assess the need for additional workforce frameworks for 
        critical and emerging technologies, such as quantum information 
        science.
            (2) Development of additional frameworks.--
                    (A) In general.--The Director shall develop and 
                publish a workforce framework for each additional 
                workforce framework that the Director determines is 
                needed pursuant to an assessment carried out pursuant 
                to paragraph (1).
                    (B) Required ai framework.--Notwithstanding 
                paragraph (1) and subparagraph (A) of this paragraph, 
                not less than 540 days after the date of the enactment 
                of this Act, the Director shall develop and publish a 
                workforce framework, workforce categories, work roles, 
                and competency areas for artificial intelligence.
            (3) Model.--In developing a workforce framework under 
        paragraph (2), the Director may use the Playbook for Workforce 
        Frameworks developed by the National Initiative for 
        Cybersecurity Education that is modeled after the National 
        Initiative for Cybersecurity Education Workforce Framework for 
        Cybersecurity (NIST Special Publication 800-181), or a 
        successor framework.
            (4) Framework components.--Each framework developed 
        pursuant to paragraph (2) shall include appropriate support or 
        operations skills or workforce categories, work roles, and 
        competency areas such as administration and finance, law and 
        policy, ethics, privacy, human resources, information 
        technology, operational technology, supply chain security, and 
        acquisition and procurement, as the Director considers 
        appropriate, in alignment with paragraph (14)(C) of section 
        2(b) of the National Institute of Standards and Technology Act 
        (15 U.S.C. 272(b), as added by subsection (b).
            (5) Professional skills required.--Each framework developed 
        pursuant to paragraph (2) shall include professional skills or 
        employability skills, as the Director considers appropriate, in 
        alignment with paragraph (14)(C) of section 2(b) of the 
        National Institute of Standards and Technology Act (15 U.S.C. 
        272(b), as added by subsection (b).
            (6) Nontraditional backgrounds.--Each framework developed 
        under paragraph (2), or materials associated with each 
        framework, shall include information for how individuals with 
        nontechnical or other nontraditional backgrounds and education 
        may utilize their skills for such frameworks' roles and tasks, 
        in alignment with paragraph (14)(D) of section 2(b) of the such 
        Act (15 U.S.C. 272(b)(14)(D)), as so added.
            (7) Updates.--The Director shall update each framework 
        developed under paragraph (2) in accordance with subparagraph 
        (B) of paragraph (14) of section 2(b) of the National Institute 
        of Standards and Technology Act (15 U.S.C. 272(b)), as added by 
        subsection (b) of this section, and submit to Congress reports 
        in accordance with subparagraph (F) of such paragraph.
                                 <all>