💼 A.7.2.2 Information security awareness, education and training

  • ID: /frameworks/iso-iec-27001-2013/07/02/02

Description

All employees of the organization and, where relevant, contractors shall receive appropriate awareness education and training and regular updates in organizational policies and procedures, as relevant for their job function.

Similar

  • Internal
    • ID: dec-c-755068ca

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance
💼 NIST CSF v1.1 → 💼 DE.DP-1: Roles and responsibilities for detection are well defined to ensure accountability | no data
💼 NIST CSF v1.1 → 💼 PR.AT-1: All users are informed and trained | 77 | no data
💼 NIST CSF v1.1 → 💼 PR.AT-2: Privileged users understand their roles and responsibilities | no data
💼 NIST CSF v1.1 → 💼 PR.AT-3: Third-party stakeholders (e.g., suppliers, customers, partners) understand their roles and responsibilities | no data
💼 NIST CSF v1.1 → 💼 PR.AT-4: Senior executives understand their roles and responsibilities | no data
💼 NIST CSF v1.1 → 💼 PR.AT-5: Physical and cybersecurity personnel understand their roles and responsibilities | no data
💼 NIST CSF v1.1 → 💼 PR.IP-11: Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening) | no data
💼 NIST CSF v1.1 → 💼 RS.CO-1: Personnel know their roles and order of operations when a response is needed | 1 | no data

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance