💼 AT-2 Literacy Training and Awareness

Description

a. Provide security and privacy literacy training to system users (including managers, senior executives, and contractors):

As part of initial training for new users and [Assignment: organization-defined frequency] thereafter; and
When required by system changes or following [Assignment: organization-defined events]; b. Employ the following techniques to increase the security and privacy awareness of system users [Assignment: organization-defined awareness techniques]; c. Update literacy training and awareness content [Assignment: organization-defined frequency] and following [Assignment: organization-defined events]; and d. Incorporate lessons learned from internal or external security incidents or breaches into literacy training and awareness techniques.

Section	Sub Sections	Policies	Compliance
💼 FedRAMP High Security Controls → 💼 AT-2 Literacy Training and Awareness (L)(M)(H)	2		no data
💼 FedRAMP Low Security Controls → 💼 AT-2 Literacy Training and Awareness (L)(M)(H)	1		no data
💼 NIST CSF v2.0 → 💼 PR.AT-01: Personnel are provided with awareness and training so that they possess the knowledge and skills to perform general tasks with cybersecurity risks in mind		8	no data

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 AT-2(1) Literacy Training and Awareness _ Practical Exercises					no data
💼 AT-2(2) Literacy Training and Awareness _ Insider Threat					no data
💼 AT-2(3) Literacy Training and Awareness _ Social Engineering and Mining					no data
💼 AT-2(4) Literacy Training and Awareness _ Suspicious Communications and Anomalous System Behavior					no data
💼 AT-2(5) Literacy Training and Awareness _ Advanced Persistent Threat					no data
💼 AT-2(6) Literacy Training and Awareness _ Cyber Threat Environment					no data