Description
Provide feedback on organizational training results to the following personnel [Assignment: organization-defined parameters]: [Assignment: organization-defined parameters].
Supplemental Guidance
Training feedback includes awareness training results and role-based training results. Training results, especially failures of personnel in critical roles, can be indicative of a potentially serious problem. Therefore, it is important that senior managers are made aware of such situations so that they can take appropriate response actions. Training feedback supports the evaluation and update of organizational training described in [AT-02b](#at-2_smt.b) and [AT-03b](#at-3_smt.b).
Changes from Rev 4
New control in Rev 5.
Compliance Mappings
ISO 27001:2022
7.2A.6.3
ISO 27002:2022
6.3
COBIT 2019
APO07BAI08
CIS Controls v8
CIS 14CIS 14.6CIS 14.9
NIST CSF 2.0
ID.IM-03PR.AT-01PR.AT-02
SOC 2 TSC
CC1.4CC1.4-POF2
ISO 42001:2023
A.4.6
NIS2 Directive
Art. 21(2)(g)
PRA Operational Resilience
SS1/21-6.2
APRA CPS 234
Para 19-20
BSI IT-Grundschutz
ORP.3
ANSSI
Hygiene.1RGS.1.2SecNumCloud.8.3
FINMA Circular 2023/1
IV.B.a(47)IV.B.a(48)IV.B.a(49)IV.B.b(50)IV.B.b(51)IV.E(92)IV.E(93)IV.F(97)
OSFI B-13
B-13.1.1
EU GDPR
Art.39(1)(b)Art.47(2)(n)
EU DORA
Art.13(6)Art.5(4)
BIO2
6.3
RBI CSF
Annex1.23
FISC Security Guidelines
FISC.O8
LGPD + BCB 4893
BCB.Art.4LGPD.Art.50
DNB Good Practice
DNB.9.1DNB.9.3
SAMA CSF
1.6
NCA ECC
1-10
UAE IA
T5
CBB TM
TM-3
Qatar NIA
HR
CBUAE
CR-11
CBE CSF
GOV-4
SA JS2
JS2-8.6
CBN CSF
Part8
BoG CISD
CISD-XV
BoM CTRM
3.8
IOSCO Cyber Resilience
PROT-4
CPMI-IOSCO PFMI
CG.GOVCG.LE
FFIEC IS
I.AII.C.7(e)
HIPAA Security Rule
§164.308(a)(5)(i)§164.308(a)(5)(ii)(A)
ECB CROE
CROE.2.1.2CROE.2.3.2CROE.2.8.1
EBA ICT Guidelines
3.4.7
SEBI CSCRF
CAPACITYPR.AT
BOT Cyber Resilience
Ch7.1
CMMC 2.0
AT
CBEST
CBEST.10
Lloyd's Minimum Standards
MS8.13
NAIC Insurance Data Security
4-training
FCA SYSC 13
SYSC 13.5.1SYSC 13.6.1
HITRUST CSF v11
02.b
ISO 27799
7.2
NHS DSPT
NDG-2.2NDG-3.1NDG-6.4