💼 AT-1 SECURITY AWARENESS AND TRAINING POLICY AND PROCEDURES

ID: /frameworks/nist-sp-800-53-r4/at/01

Description

The organization: AT-1a. Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]: AT-1a.1. A security awareness and training policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and AT-1a.2. Procedures to facilitate the implementation of the security awareness and training policy and associated security awareness and training controls; and AT-1b. Reviews and updates the current: AT-1b.1. Security awareness and training policy [Assignment: organization-defined frequency]; and AT-1b.2. Security awareness and training procedures [Assignment: organization-defined frequency].

Similar

Internal
- ID: dec-c-1f82e463

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 ID.GV-1: Organizational cybersecurity policy is established and communicated					no data
💼 NIST CSF v1.1 → 💼 ID.GV-3: Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed		1	4		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections