AT-3: Role-based Training
RMF Control AT-3: Role-based training requires organizations to provide training and awareness to personnel on information security and the protection of Controlled Unclassified Information (CUI), based on their roles and responsibilities. The training should include: Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing cybersecurity risk to …