PR.AT-01.218

Does your organization require annual refresher training for all employees to reinforce existing security practices and introduce new ones?

Explanation

Regular refresher training helps maintain security awareness and ensures employees stay updated on evolving threats and organizational security practices. Annual refreshers can address common security mistakes observed throughout the year, introduce new security tools or procedures, and reinforce critical security behaviors that may have weakened over time. Evidence of compliance could include training completion records, annual training calendars showing scheduled refresher sessions, training materials with timestamps showing annual updates, or a formal policy document specifying the requirement for annual security refresher training.

Implementation Example

Require annual refreshers to reinforce existing practices and introduce new practices

ID: PR.AT-01.218

Context

Function: PR: PROTECT
Category: PR.AT: Awareness and Training
Sub-Category: Personnel are provided with awareness and training so that they possess the knowledge and skills to perform general tasks with cybersecurity risks in mind

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub