The IT Law Wiki

Security awareness training

32,080pages on
this wiki
Add New Page
Add New Page Talk0

Overview Edit

According to FISMA, an agencywide information security program must include security awareness training for agency personnel, contractors, and other users of information systems that support the agency's operations and assets. This training must cover (1) information security risks associated with users' activities and (2) users' responsibilities in complying with agency policies and procedures designed to reduce these risks. FISMA also includes requirements for training personnel with significant responsibilities for information security.

In addition, OMB requires that personnel be trained before they are granted access to systems or applications. The training is intended to ensure that personnel are aware of the system or application's rules, their responsibilities, and their expected behavior.

Also on Fandom

Random Wiki