PR.AT-02.222

Does your organization require annual refresher training for all employees to reinforce existing security practices and introduce new ones?

Explanation

Regular security refresher training ensures employees maintain awareness of security policies, procedures, and best practices while also introducing them to emerging threats and countermeasures. Annual refreshers help combat the natural decay of security knowledge over time and ensure staff are updated on new security requirements or organizational changes. Evidence of compliance could include training completion records, annual training calendars, training content/materials showing both reinforcement of existing practices and introduction of new security concepts, or reports showing completion rates across departments.

Implementation Example

Require annual refreshers to reinforce existing practices and introduce new practices

ID: PR.AT-02.222

Context

Function: PR: PROTECT
Category: PR.AT: Awareness and Training
Sub-Category: Individuals in specialized roles are provided with awareness and training so that they possess the knowledge and skills to perform relevant tasks with cybersecurity risks in mind

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub