PR.AT-05

Have all physical and cybersecurity personnel been trained on and demonstrated understanding of their specific roles and responsibilities?

Explanation

This question assesses whether security staff clearly understand what they are responsible for and how they should respond in various security scenarios. Without clear role definition and proper training, security personnel may respond inconsistently to incidents, miss critical security tasks, or create gaps in your security posture due to confusion about who handles what responsibilities. Evidence could include: role-specific training materials, signed acknowledgments of role descriptions, completed training records, security response simulation results, or certification documentation relevant to specific security roles.

Context

Function: PR: PROTECT
Category: PR.AT: Awareness and Training
Sub-Category: Physical and cybersecurity personnel understand their roles and responsibilities

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC-backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain points. They were confusing, hard to delegate and arrived like London buses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron
Founder, ResponseHub