πΌ AT-2 Literacy Training and Awareness (L)(M)(H)
- Contextual name: πΌ AT-2 Literacy Training and Awareness (L)(M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/at/02 - Located in: πΌ Awareness and Training
Descriptionβ
a. Provide security and privacy literacy training to system users (including managers, senior executives, and contractors):
-
As part of initial training for new users and [FedRAMP Assignment: at least annually] thereafter; and
-
When required by system changes or following [Assignment: organization-defined events];
b. Employ the following techniques to increase the security and privacy awareness of system users [Assignment: organization-defined awareness techniques];
c. Update literacy training and awareness content [FedRAMP Assignment: at least annually] and following [Assignment: organization-defined events]; and
d. Incorporate lessons learned from internal or external security or privacy incidents into literacy training and awareness techniques.
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/at/02
- Internal
- ID:
dec-c-f10ee401
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ AT-2 Literacy Training and Awareness (L)(M)(H) | 2 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ AT-2(2) Insider Threat (L)(M)(H) | ||||
| πΌ AT-2(3) Social Engineering and Mining (M)(H) |