PO7.4:

From HORSE - Holistic Operational Readiness Security Evaluation.

PO 7.4 Personnel Training

Control Objective:

Provide IT employees with appropriate orientation when hired and ongoing training to maintain their knowledge, skills, abilities, internal controls and security awareness at the level required to achieve organizational goals.

Applicability:

Sarbanes-Oxley
HIPAA
GLBA
PCI
FISMA
NIST SP 800-66
DITSCAP
Control Exception
User Defined


Risk Association Control Activities:

Implementation Guide:

Process Narrative

Insert a description of the process narration that is applicable to the existing control statement this narrative refers to.

Process Illustration

Insert a process diagram, flowchart or other visual representation here to illustrate the process narrative.

Image:Someimage.jpg

Control Commentary

Insert a description of the control that is applicable to the existing control statement this commentary refers to.

Control Exception Commentary

Insert a description of the control exception that is applicable to the existing control statement this commentary refers to.

Evidence Archive Location

Insert Evidence Description Here.

Control Status and Auditors Commentary

Describe the condition of the applicable control and its effectiveness. Set the color icon to a redlock.jpg, yellowlock.jpg or greenlock.jpg.

Image:Redlock.jpg

Remediation Plan

Insert remediation plan, applicability, or any information that indicates what needs to be done.

Supplemental Information:

ISO 17799 4.2 Security of third-party access.

ISO 8.2 System planning and acceptance.

ISO 9.8 Mobile computing and teleworking.

ISO 11.1 Aspects of business continuity management.


Implementation guidance

Insert guidance in this section if it helps to elaborate upon the subject matter. Examples of evidence that would help guide the end user are desirable.
