History
- Priority
- must
- Nov 2018
- Removed
- Removed due to duplication of intent of security control 0252.
- 2017
- Agencies must ensure that all personnel who have access to a system have sufficientinformation security awareness and training.
- 2015
- Agencies must ensure that all personnel who have access to a system have sufficientinformation security awareness and training.
- 2010
- Agencies must ensure all personnel who have access to a system have sufficient information securityawareness and training.
- 2008
- Agency management must ensure that all staff members who have access to a system have sufficient ICT security awareness and training.