17.2: Deliver Training to Fill the Skills Gap
Deliver training to address the skills gap identified to positively impact workforce members’ security behavior.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
N/A |
N/A |
2, 3 |
Dependencies
Sub-control 17.1: Perform a Skills Gap Analysis
Inputs
Skills gap topics (areas of weakness as determined by the skills gap analysis in Sub-Control 17.1)
Modules/topics covered in the organization’s security awareness training
Operations
- For each skills gap in Input 1, determine if that topic is adequately covered in the organization’s security awareness training program (Input 2).
Create a list of the topics that are adequately covered (M1)
Create a list of the topics that are not adequately covered (M2) including notes on what needs to be added to achieve adequate coverage of the topic.
Measures
M1 = List of skills gap topics that are adequately covered in the organization’s security awareness training
M2 = List of skills gap topics that are not adequately covered in the organization’s security awareness training
M3 = Count of skills gap topics that are adequately covered in the organization’s security awareness program (count of M1)
M4 = Total count of skills gap topics (count of Input 1)
Metrics
Coverage
Metric |
The ratio of skills gap topics that are adequately covered in the organization’s
security awareness training
|
Calculation |
|