💼 AT-2 Literacy Training and Awareness

• Contextual name: 💼 AT-2 Literacy Training and Awareness
• ID: /frameworks/nist-sp-800-53-r5/at/02
• Located in: 💼 AT Awareness And Training

Description

a. Provide security and privacy literacy training to system users (including managers, senior executives, and contractors):

1. As part of initial training for new users and [Assignment: organization-defined frequency] thereafter; and
2. When required by system changes or following [Assignment: organization-defined events]; b. Employ the following techniques to increase the security and privacy awareness of system users [Assignment: organization-defined awareness techniques]; c. Update literacy training and awareness content [Assignment: organization-defined frequency] and following [Assignment: organization-defined events]; and d. Incorporate lessons learned from internal or external security incidents or breaches into literacy training and awareness techniques.

Similar

• Internal
  • ID: dec-c-71d48d29

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 AT-2 Literacy Training and Awareness (L)(M)(H)	2
💼 FedRAMP Low Security Controls → 💼 AT-2 Literacy Training and Awareness (L)(M)(H)	1
💼 NIST CSF v2.0 → 💼 PR.AT-01: Personnel are provided with awareness and training so that they possess the knowledge and skills to perform general tasks with cybersecurity risks in mind			7

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AT-2(1) Literacy Training and Awareness _ Practical Exercises
💼 AT-2(2) Literacy Training and Awareness _ Insider Threat
💼 AT-2(3) Literacy Training and Awareness _ Social Engineering and Mining
💼 AT-2(4) Literacy Training and Awareness _ Suspicious Communications and Anomalous System Behavior
💼 AT-2(5) Literacy Training and Awareness _ Advanced Persistent Threat
💼 AT-2(6) Literacy Training and Awareness _ Cyber Threat Environment