CCI-000100

The organization develops and documents a security awareness and training policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.

Implementation Guidance

DoDD 8570.01 meets the DoD requirement for IA awareness training policy and procedures. DoD Components are automatically compliant with this CCI because they are covered by the DoD level policy, DoDD 8570.01. Comment: DoDD 8570.01 will be updated with DoDD 8140 once signed. The organization's use of their higher command policy/procedures meets this requirement if more stringent.

Validation Procedures

DoDD 8570.01 meets the DoD requirement for IA awareness training policy and procedures. DoD Components are automatically compliant with this CCI because they are covered by the DoD level policy, DoDD 8570.01. Comment: The organization's use of their higher command policy/procedures meets this requirement if more stringent.

Compelling Evidence

Automatically compliant per DoDD 8570.01

The controls below (if any) were marked by NIST as being related to CCI-000100.