A.6.3 — Information security awareness, education and training
This control ensures that employees receive regular information security awareness, education, and training. Measures include scheduled training sessions, e-learning programs, and simulated phishing exercises.
| Property | Value |
|---|---|
| Section | process |
| Owner | operator |
Mapped Controls
| Control | Title |
|---|---|
| SID-PPL-02 | Security Awareness, Education, and Training |
Source: ISO/IEC 27001:2022 Annex A