Master Assessment Datasheet
Privileged user type Security-related education/training available through DISA IASE (e.g. VTE, Skill Soft, other professional sources) meets the provision of this control. The organization being inspected/assessed may define specific requirements within the above listed sources for their personnel.
The organization conducting the inspection/assessment obtains and examines documented records (IAW AT-4) of their privileged users training.
1.) Signed and dated system security plan (SSP) 2.) Signed and dated security awareness and training policy 3.) Sampling of training records of randomly selected individuals