← Back to catalog
AT-3(3)

Practical Exercises

Awareness and Training (AT)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description

Provide practical exercises in security and privacy training that reinforce training objectives.

Discussion

Practical exercises for security include training for software developers that addresses simulated attacks that exploit common software vulnerabilities or spear or whale phishing attacks targeted at senior leaders or executives. Practical exercises for privacy include modules with quizzes on identifying and processing personally identifiable information in various scenarios or scenarios on conducting privacy impact assessments.

Implementation guidance

No content available.

CSF 2.0 crosswalk

No CSF mappings exist for this control.