HRS-05.7 ยท Policy Familiarization & Acknowledgement

Control Description

Mechanisms exist to ensure personnel receive recurring familiarization with the organization's cybersecurity and data protection policies and provide acknowledgement.

Control Question
Assessment question for control validation

Does the organization ensure personnel receive recurring familiarization with its cybersecurity and data protection policies and provide acknowledgement?

Control Weighting
8
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Core Control Designations
Special designations and baseline inclusions
MAD: HRS-05.7
ESP Level 1: HRS-05.7
ESP Level 2: HRS-05.7
ESP Level 3: HRS-05.7
Errata & Additional Notes

- wordsmithed control