πΌ AT-3 ROLE-BASED SECURITY TRAINING
- Contextual name: πΌ AT-3 ROLE-BASED SECURITY TRAINING
- ID:
/frameworks/nist-sp-800-53-r4/at/03 - Located in: πΌ AT AWARENESS AND TRAINING
Descriptionβ
The organization provides role-based security training to personnel with assigned security roles and responsibilities: AT-3a. Before authorizing access to the information system or performing assigned duties; AT-3b. When required by information system changes; and AT-3c. [Assignment: organization-defined frequency] thereafter.
Similarβ
- Internal
- ID:
dec-c-6e19dcd6
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ PR.AT-2: Privileged users understand their roles and responsibilities | ||||
| πΌ NIST CSF v1.1 β πΌ PR.AT-4: Senior executives understand their roles and responsibilities | ||||
| πΌ NIST CSF v1.1 β πΌ PR.AT-5: Physical and cybersecurity personnel understand their roles and responsibilities |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ AT-3 (1) ENVIRONMENTAL CONTROLS | ||||
| πΌ AT-3 (2) PHYSICAL SECURITY CONTROLS | ||||
| πΌ AT-3 (3) PRACTICAL EXERCISES | ||||
| πΌ AT-3 (4) SUSPICIOUS COMMUNICATIONS AND ANOMALOUS SYSTEM BEHAVIOR |