GV.AT-P: Awareness And Training

Description

The organization’s workforce and third parties engaged in data processing are provided privacy awareness education and are trained to perform their privacy-related duties and responsibilities consistent with related policies, processes, procedures, and agreements and organizational privacy values.

Framework Subcategories

GV.AT-P1: The workforce is informed and trained on its roles and responsibilities

[csf.tools Note: Subcategories do not have detailed descriptions.]

GV.AT-P2: Senior executives understand their roles and responsibilities

[csf.tools Note: Subcategories do not have detailed descriptions.] Note: This Privacy Framework Subcategory is identical to the Cybersecurity Framework Subcategory.

GV.AT-P3: Privacy personnel understand their roles and responsibilities

[csf.tools Note: Subcategories do not have detailed descriptions.]

GV.AT-P4: Third parties (e.g., service providers, customers, partners) understand their roles and responsibilities

[csf.tools Note: Subcategories do not have detailed descriptions.]