Compliance

Ensuring consistency with legal and policy rules that protect privacy during mission activities.

Overview

NSA has often been described as having a robust "Culture of Compliance." However, it is important to understand that it's more than that; it was not our goal, but it was the result. We learned best practices from industry and government standards for compliance and built a cadre of dedicated personnel who are dedicated to NSA's core values. In turn, they created a normalized set of rules and practices that govern the lawful activities of our employees and technology and instilled a sense of responsibility for compliance in our employees in everything they do. Those rules are meant to prevent and detect undesirable behavior if and when it occurs. The Compliance Group focuses on keeping NSA's activities consistent with the laws, policies, and procedures that are designed and implemented to protect privacy and civil liberties as NSA conducts its foreign intelligence and cybersecurity missions. These effective compliance controls and NSA's commitment to transparency that the Compliance Group has built throughout the years all work together to comprise NSA's "culture of compliance."

Leadership

There is a Director of Compliance of the National Security Agency, who shall be appointed by the Director of the National Security Agency and who shall be responsible for the programs of compliance over mission activities of the National Security Agency.-- The National Security Agency Act of 1959, 50 U.S.C. § 3602(b).

Resources

NSA's Compliance Group provides these resources to support our work.