SAT-03.7 ยท Continuing Professional Education (CPE) - Cybersecurity & Data Protection Personnel

Control Description

Mechanisms exist to ensure cybersecurity and data protection personnel receive Continuing Professional Education (CPE) training to maintain currency and proficiency with industry-recognized secure practices that are pertinent to their assigned roles and responsibilities.

Control Question
Assessment question for control validation

Does the organization ensure cybersecurity and data protection personnel receive Continuing Professional Education (CPE) training to maintain currency and proficiency with industry-recognized secure practices that are pertinent to their assigned roles and responsibilities?

Control Weighting
8
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Core Control Designations
Special designations and baseline inclusions
ESP Level 1: SAT-03.7
ESP Level 2: SAT-03.7
ESP Level 3: SAT-03.7
Errata & Additional Notes

- wordsmithed control - renamed