Navigate

CCI-000105

CCI-000105 Definition

Review and update the current security awareness and training procedures in accordance with an organization-defined frequency.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoDD 8570.01 meets the DoD requirement for IA awareness training policy and procedures.DoD Components are automatically compliant with this CCI because they are covered by the DoD level policy, DoDD 8570.01.DoD has defined the frequency as annually.

Validation Procedures

DoD Components are automatically compliant with this CCI because they are covered by the DoD level policy, DoDD 8570.01.DoD has defined the frequency as annually.

Compelling Evidence

Automatically compliant per DoDD 8570.01

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000105.

Control	Description
AT-1	The organization: a: Develops, documents, and disseminates to [one of ]: 1: A security awareness and training policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and 2: Procedures to facilitate the implementation of the security awareness and training policy and associated security awareness and training controls; and b: Reviews and updates the current: 1: Security awareness and training policy [one of ]; and 2: Security awareness and training procedures [one of ].

Control

Description

AT-1

The organization:

a: Develops, documents, and disseminates to [one of ]:
- 1: A security awareness and training policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
- 2: Procedures to facilitate the implementation of the security awareness and training policy and associated security awareness and training controls; and

b: Reviews and updates the current:
- 1: Security awareness and training policy [one of ]; and
- 2: Security awareness and training procedures [one of ].