Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
PR.AT-02.1: Members of management bodies shall be able to demonstrate that they have com- pleted training that gives them a solid understanding of information and cybersecurity and risk management so that they can assess information and cybersecurity risks and their consequences and propose the necessary risk mitigation, considering their roles, responsibilities and authorities. |
|
PR.AT-02.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p76 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p107 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that members of management bodies are equipped to make informed decisions on cybersecurity risks and mitigation strategies by developing a foundational understanding of information security, cyber threats, and risk management principles relevant to their leadership roles. To achieve this goal, the following practices should be considered: - Training should provide management with the ability to assess cybersecurity risks, understand their potential impact, and propose appropriate mitigation measures aligned with their responsibilities and authority. - Training content should consider: - Core concepts of information and cybersecurity - Risk identification, assessment, and mitigation - Strategic decision-making in the context of cyber threats - Recognition of potential security gaps and governance responsibilities - Training should be tailored to leadership roles, using guidance from the European Union Agency for Cyber- security (ENISA) on role profiles, including titles, missions, tasks, skills, and competencies (Ref. European Cybersecurity Skills Framework Role Profiles). - Annual refresher sessions should be considered to reinforce existing practices and introduce new develop- ments in cybersecurity and risk management. |
|
A general note, for any purpose. |
The goal of this control is to ensure that members of management bodies are equipped to make informed decisions on cybersecurity risks and mitigation strategies by developing a foundational understanding of information security, cyber threats, and risk management principles relevant to their leadership roles. To achieve this goal, the following practices should be considered: - Training should provide management with the ability to assess cybersecurity risks, understand their potential impact, and propose appropriate mitigation measures aligned with their responsibilities and authority. - Training content should consider: - Core concepts of information and cybersecurity - Risk identification, assessment, and mitigation - Strategic decision-making in the context of cyber threats - Recognition of potential security gaps and governance responsibilities - Training should be tailored to leadership roles, using guidance from the European Union Agency for Cyber- security (ENISA) on role profiles, including titles, missions, tasks, skills, and competencies (Ref. European Cybersecurity Skills Framework Role Profiles). - Annual refresher sessions should be considered to reinforce existing practices and introduce new develop- ments in cybersecurity and risk management. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that members of management bodies are equipped to make informed decisions on cybersecurity risks and mitigation strategies by developing a foundational understanding of information security, cyber threats, and risk management principles relevant to their leadership roles. To achieve this goal, the following practices should be considered:</p><ul><li>Training should provide management with the ability to assess cybersecurity risks, understand their potential impact, and propose appropriate mitigation measures aligned with their responsibilities and authority.</li><li>Training content should consider:<ul><li>Core concepts of information and cybersecurity</li><li>Risk identification, assessment, and mitigation</li><li>Strategic decision-making in the context of cyber threats</li><li>Recognition of potential security gaps and governance responsibilities</li></ul></li><li>Training should be tailored to leadership roles, using guidance from the European Union Agency for Cyber- security (ENISA) on role profiles, including titles, missions, tasks, skills, and competencies (Ref. European Cybersecurity Skills Framework Role Profiles).</li><li>Annual refresher sessions should be considered to reinforce existing practices and introduce new develop- ments in cybersecurity and risk management.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that members of management bodies are equipped to make informed decisions on cybersecurity risks and mitigation strategies by developing a foundational understanding of information security, cyber threats, and risk management principles relevant to their leadership roles. To achieve this goal, the following practices should be considered: • Training should provide management with the ability to assess cybersecurity risks, understand their potential impact, and propose appropriate mitigation measures aligned with their responsibilities and authority. • Training content should consider: o Core concepts of information and cybersecurity o Risk identification, assessment, and mitigation o Strategic decision-making in the context of cyber threats o Recognition of potential security gaps and governance responsibilities • Training should be tailored to leadership roles, using guidance from the European Union Agency for Cyber- security (ENISA) on role profiles, including titles, missions, tasks, skills, and competencies (Ref. European Cybersecurity Skills Framework Role Profiles). • Annual refresher sessions should be considered to reinforce existing practices and introduce new develop- ments in cybersecurity and risk management. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
PR.AT-02.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Management cybersecurity training |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Members of management bodies shall be able to demonstrate that they have com- pleted training that gives them a solid understanding of information and cybersecurity and risk management so that they can assess information and cybersecurity risks and their consequences and propose the necessary risk mitigation, considering their roles, responsibilities and authorities. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
19 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 21 of 21
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1