zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-03 00:12:16 +02:00
Code Issues Projects Releases Packages Wiki Activity
manage.get.gov/docs/compliance/dist/system-security-plans/ato/at-4.md
Logan McDonald 1d3dfdb8d5
Add compliance documentation to source control (#116) 
* add initial setup of compliance-trestle
2022-09-14 08:46:43 -04:00

1.7 KiB
Raw Blame History

implementation-status control-origination
c-not-implemented
c-inherited-cloud-gov
c-inherited-cisa
c-common-control
c-system-specific-control

at-4 - [catalog] Training Records

Control Statement

  • [a] Document and monitor information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training; and

  • [b] Retain individual training records for time period.

Control guidance

Documentation for specialized training may be maintained by individual supervisors at the discretion of the organization. The National Archives and Records Administration provides guidance on records retention for federal agencies.

Control assessment-objective

information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training, are documented; information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training, are monitored; individual training records are retained for time period.

What is the solution and how is it implemented?

Implementation a.

Add control implementation description here for item at-4_smt.a

Implementation b.

Add control implementation description here for item at-4_smt.b