AT-04 Security Training Records

Control: The organization documents and monitors individual information system security training activities including basic security awareness training and specific information system security training.

Supplemental Guidance: None.

Control Enhancements: (0) None.

Baseline: LOW AT-4 MOD AT-4 HIGH AT-4

Family: Awareness And Training

Class: Operational

ISO 17799 mapping: None.

COBIT 4.1 mapping: DS7.2

PCI-DSS v2 mapping: 12.6.2