As businesses come to appreciate the importance of information security, more are implementing internal security awareness training programs. Given that individual employees are frequently the target of social engineering-type attacks or the source of vulnerabilities (such as weak passwords) security awareness training is an absolute necessity.
Security Control Baselines - Awareness and Training AT
CTRL No. | Control Name | Withdrawn Incorporated into; |
---|---|---|
AT-1 | Security Awareness and Training Policy and Procedures | -- |
AT-2 | Security Awareness Training | -- |
AT-3 | Role-Based Security Training | -- |
AT-4 | Security Training Records | -- |
AT-5 | Contacts with security groups and associations | PM-15 |