3.1.7 Cyber Security Training
| No: 381000091275 | Date(g): 24/5/2017 | Date(h): 28/8/1438 |
Effective from May 24 2017 - May 23 2017
To view other versions open the versions tab on the right
Principle
Staff of the Member Organization should be provided with training regarding how to operate the Member Organization's systems securely and to address and apply cyber security controls.
Objective
To ensure that staff of the Member Organization are equipped with the skills and required knowledge to protect the Member Organization's information assets and to fulfil their cyber security responsibilities.
Control considerations
| 1. | Specialist or security-related skills training should be provided to staff in the Member Organization's relevant functional area categories in line with their job descriptions, including: | |
| a. | key roles within the organization; | |
| b. | staff of the cyber security function; | |
| c. | staff involved in developing and (technically) maintaining information assets; | |
| d. | staff involved in risk assessments. | |
| 2. | Education should be provided in order to equip staff with the skills and required knowledge to securely operate the Member Organization's information assets. | |