Description
Annual security awareness training for all employees. Required by multiple frameworks.
Requirements
- Deliver security awareness training to all employees
- Include phishing simulation exercises
- Document training completion rates
- Address non-compliant employees
- Update training content for current threats
Applicable To
All Regulated Organizations
Penalty Information
âš Required by PCI DSS, HIPAA, SOC 2, ISO 27001, and most compliance frameworks.