Enterprise Security Policy, Standards and Guidelines
NOT SELECTED
P1
No
February 15, 2018
Development initiatives of the Agency's information security workforce shall adopt the National Initiative for Cybersecurity Education's cybersecurity workforce framework. Essential and desired entry-level knowledge, skills and abilities shall be reflected on the position descriptions for each information security workforce position, and shall incorporate the cybersecurity workforce framework's recommendations.
Lack of establishing focused security workforce development and improvement programs, may result in unclear expectations on safeguarding organizational operations and assets.
The organization establishes an information security workforce development and improvement program.
The organization makes information security training opportunities available to personnel on a continuous basis.
State implementation of this standard is incorporated into TAC 202.
Obtain policies and procedures addressing information security workforce development and improvement programs and ascertain if:
(i) the programs focus on developing and institutionalizing core information security capabilities of selected personnel needed to protect organizational operations, assets, and individuals