💼 AT-2 Literacy Training and Awareness (L)(M)(H)
- Contextual name: 💼 AT-2 Literacy Training and Awareness (L)(M)(H)
- ID:
/frameworks/fedramp-high-security-controls/at/02 - Located in: 💼 Awareness and Training
Description​
a. Provide security and privacy literacy training to system users (including managers, senior executives, and contractors):
-
As part of initial training for new users and [FedRAMP Assignment: at least annually] thereafter; and
-
When required by system changes or following [Assignment: organization-defined events];
b. Employ the following techniques to increase the security and privacy awareness of system users [Assignment: organization-defined awareness techniques];
c. Update literacy training and awareness content [FedRAMP Assignment: at least annually] and following [Assignment: organization-defined events]; and
d. Incorporate lessons learned from internal or external security or privacy incidents into literacy training and awareness techniques.
Similar​
- Sections
/frameworks/nist-sp-800-53-r5/at/02
- Internal
- ID:
dec-c-f10ee401
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 AT-2 Literacy Training and Awareness | 6 |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 FedRAMP Low Security Controls → 💼 AT-2 Literacy Training and Awareness (L)(M)(H) | 1 | |||
| 💼 FedRAMP Moderate Security Controls → 💼 AT-2 Literacy Training and Awareness (L)(M)(H) | 2 |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 AT-2(2) Insider Threat (L)(M)(H) | ||||
| 💼 AT-2(3) Social Engineering and Mining (M)(H) |