M3.3.3 - TRAINING EXECUTION Implementation Guidance
The entity shall conduct security training following an established plan.
Back to M3.3.3 - P2 - TRAINING EXECUTION
Security trainings typically focus on topics specific to the applications and systems within the entities, such as security best practices for implementing and maintaining a database or patching operating systems. Specific training methods may include:
- A. Internal training websites
- B. Manuals, guides, and handbooks
- C. Slide presentations
Entities should update training based on changes within the IT landscape, such as changing technology, updated systems, new services, or new threats.
Back to M3.3.3 - P2 - TRAINING EXECUTION
