PR.AT-02—Individuals in specialized roles are provided with awareness and training so that they possess the knowledge and skills to perform relevant tasks with cybersecurity risks in mind
>Control Description
This awareness and training subcategory ensures that individuals in specialized roles are provided with awareness and training so that they possess the knowledge and skills to perform relevant tasks with cybersecurity risks in mind. Key activities include: Identify the specialized roles within the organization that require additional cybersecurity training, such as physical and cybersecurity personnel...; Provide role-based cybersecurity awareness and training to all those in specialized roles, including contractors, partners, suppliers, and other th...; Periodically assess or test users on their understanding of cybersecurity practices for their specialized roles.
>Cross-Framework Mappings
>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
DCS-11
HRS-09
HRS-12
HRS-13
SEF-03
UEM-14
CIS Controls v8.0
14.9
CIS Controls v8.1
14.9
CRI Profile v2.0
PR.AT-02
PR.AT-02.01
PR.AT-02.02
PR.AT-02.03
PR.AT-02.04
PR.AT-02.05
PR.AT-02.06
PR.AT-02.07
+1 more
CSF v1.1
PR.AT-2
PR.AT-3
PR.AT-4
PR.AT-5
CoP
C3
C4
ISO/IEC 27001:2022
Mandatory Clause: 7.3
Annex A Controls: 5.2
Annex A Controls: 6.3
NICE Framework
IO-WRL-007
OG-WRL-002
OG-WRL-003
OG-WRL-004
OG-WRL-005
PCI DSS
6.2.2
12.10.4
12.10.4.1
SCF
SAT-03
SAT-03.6
SP 800-171 Rev 3
03.02.02
SP 800-218
PO.2.2
SP 800-221A
GV.CT-3
GV.CT-4
GV.RR-2
SP 800-53 Rev 5.1.1
AT-03
SP 800-53 Rev 5.2.0
AT-03
Ask AI
Configure your API key to use AI features.