Consists of numerous elements led by the learning program managers, who develop a strategic plan to deliver a right-sized program to reduce organizational cybersecurity and privacy risks via workforce education and training. Operates throughout the year and incorporates plans for ongoing improvements that are based on rigorous assessments and metrics that support compliance and other mandated reporting.

Source: NIST SP 800-50r1 | Category: