|
PR.AT-02.1: Members of management bodies shall be able to demonstrate that they have com- pleted training that gives them a solid understanding of information and cybersecurity and risk management so that they can assess information and cybersecurity risks and their consequences and propose the necessary risk mitigation, considering their roles, responsibilities and authorities.
|
http://cyfun.data.gift/data/requirement_PR_AT_02_1
|
19 |
|
PR.AT-02.2: Individuals in specialised roles shall be provided with awareness and training before privileges are granted, so that they possess the knowledge and skills to perform rel- evant tasks with cybersecurity risks in mind.
|
http://cyfun.data.gift/data/requirement_PR_AT_02_2
|
19 |
|
PR.AT-02.3: Privileged users shall be qualified before privileges are granted, and these users shall be able to demonstrate the understanding of their roles, responsibilities, and authorities.
|
http://cyfun.data.gift/data/requirement_PR_AT_02_3
|
19 |
|
PR.AT-02: Individuals in specialized roles are provided with awareness and training so that they possess the knowledge and skills to perform relevant tasks with cybersecurity risks in mind
|
http://cyfun.data.gift/data/nist_subcategory_PR_AT_02
|
5 |
|
PR.AT-02: Individuals in specialized roles are provided with awareness and training so that they possess the knowledge and skills to perform relevant tasks with cybersecurity risks in mind
|
http://cyfun.data.gift/data/subcategory_PR.AT-02
|
19 |
|
PR.AT: Awareness and Training
|
http://cyfun.data.gift/data/category_PR.AT
|
23 |
|
PR.AT: Awareness and Training
|
http://cyfun.data.gift/data/nist_category_PR_AT
|
5 |
|
PR.DS-01.1: The organisation shall implement software, firmware, and information integrity checks to detect unauthorised changes to its critical system components during storage, transport, start-up and when determined necessary.
|
http://cyfun.data.gift/data/requirement_PR_DS_01_1
|
19 |
|
PR.DS-01.2: The organisation shall implement automated tools where feasible to provide notifi- cation upon discovering discrepancies during integrity verification.
|
http://cyfun.data.gift/data/requirement_PR_DS_01_2
|
17 |
|
PR.DS-01.3: The organisation shall define and implement automated responses to detected integrity violations, using predefined safeguards that are proportionate to the severity and impact of the violation.
|
http://cyfun.data.gift/data/requirement_PR_DS_01_3
|
17 |
|
PR.DS-01.4: The organisation shall define and enforce clear policies and practical safeguards to manage and restrict the use of portable storage media, in order to reduce the risk of data leakage, unauthorised access, and malware introduction.
|
http://cyfun.data.gift/data/requirement_PR_DS_01_4
|
19 |
|
PR.DS-01.5: The organisation shall only allow the use of removable media when absolutely necessary and shall put technical measures in place to block automatic execution of files from these devices.
|
http://cyfun.data.gift/data/requirement_PR_DS_01_5
|
19 |